The attack occurred in September, but was not reported until October 20. Cybersecurity experts shut down systems at the National Oceanic and Atmospheric Administration (NOAA) in order to conceal vital data related to disaster planning, aviation and shipping, among other uses.
An attempt to conceal the attacks?
Officials at the NOAA have been accused of a cover-up after failing to inform the proper authorities of the attack, instead claiming that it was undertaking “unscheduled maintenance.” It took until this Wednesday for NOAA spokesman Scott Mullen to acknowledge the attacks, however he declined to answer further questions.
However U.S. Rep. Frank Wolf (R-Va.) asked the NOAA for information following an inquiry from The Washington Post. It was confirmed to him that the attack came from China, but the agency did not specify what information was compromised or whether malware was installed on its system.
Commerce Department Inspector General Todd Zinser said that his agency was “in the process of looking into the matter, including why NOAA did not comply with the requirements to notify law enforcement about the incident.”
Satellite systems hacked by China: U.S. vulnerabilities
The web server attacked by the hackers had minimal security protections, likened by one source to protecting a house using “just a screen door.” Vulnerabilities at seemingly less important agencies could still have disastrous consequences, according to Jacob Olcott, a cybersecurity consultant for Good Harbor Security Risk Management and former Senate staffer on cybersecurity legislation.
U.S. Rep. Wolf also weighed in, claiming that hackers could steal information “that may not look significant until they’re put with something else and then they become valuable.”
It would appear that hackers are probing the U.S. system for weaknesses, following a string of attacks on federal systems, including a suspected Russian attack which breached unclassified White House networks.
Attacks have also targeted commercial entities, with the United States Postal Service recently confirming that employee data had been compromised in September after another suspected Chinese attack.
Confirmation that the NOAA attack was carried out by the Chinese could affect the U.S.-China climate change pact which was announced today. It is presumably a worry that any strengthening of bilateral cooperation could open up already weak U.S. security systems to further exploitation by the Chinese. It remains to be seen how President Obama reacts to this latest news of Chinese cyber attacks on federal systems.
