Wednesday, July 29, 2015

Pentagon Email Network Shut Down During Investigation

A portion of the Department of Defence’s nonclassified email network used by Army General Martin Dempsey and other members of the U.S. military’s Joint Staff has been shuttered after “suspicious activity” was detected on the systems over the weekend.

“We continue to identify and mitigate cybersecurity risks across our networks,” Lieutenant Colonel Valerie Henderson said. “With those goals in mind, we have taken the Joint Staff network down and continue to investigate.”


The Pentagon has not released details of the nature of the event being investigated, but did confirm that the shutdown was initiated by the DoD and was not the result of malicious activity directly.

Late in 2014, U.S. State Department officials similarly disclosed they had taken an unclassified email system offline as a precaution following an unauthorized access event, joining a growing list of federal agencies who had disclosed network breaches recently.

Officials said they had observed “activity of concern” on the systems around the same time period that the White House had reported a similar incident on its unclassified systems, as did the U.S. Postal Service (USPS) and the National Oceanic and Atmospheric Administration (NOAA).

In February of this year, after three months of working to secure the unclassified email system, the State Department was still unable to expel the attackers and lock down the network, according to sources with knowledge of the investigation.

The USPS had to disable employee VPN access to its networks and suspend telecommuting in the wake of a substantial data breach, but did allow staff to resume remote work after a deploying security enhancements.

NOAA reported they were the subject of a serious unauthorized intrusion in late September of last year, but officials had given no notice that a security incident had taken place until late in October.

NOAA spokesman Scott Smullen released a statement at the time saying that the agency began incident response immediately upon learning of the system breach, but declined to provide any more details as an investigation was underway.

The timeline of these events could be indicative of a coordinated effort by attackers to probe federal systems looking for vulnerabilities that could be exploited at a later date, and it would not be surprising if other government entities have also suffered security events that have yet to be disclosed publicly, if ever.

http://darkmatters.norsecorp.com/2015/07/29/pentagon-email-network-shut-down-during-investigation/
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)