Both government and private security specialists are still struggling to end the hackers’ presence inside an unclassified section of the State Department’s email system.
According to two official sources, security teams have not been able to stop the hackers from accessing the email system, despite first discovering the hack around 3 months ago. The intruders are using a wide variety of changing techniques to outwit the security teams, although no classified State Department material seems to have been compromised, writes John Walcott of Bloomberg.
Hackers linked with Russia?
Despite the lack of a serious breach, officials are still worried because the presence of the hackers enables them to write false emails, delete genuine messages and continue searching for a way into classified communications systems.
One of the officials, who requested anonymity, said that a number of factors appear to suggest that the attack may be linked with Russia. One former U.S. intelligence official claims that Russia’s cyber-espionage capabilities are almost on par with the U.S. National Security Agency.
The cyber intrusions come at a time of deteriorating relations between the U.S. and Russia, with the ongoing conflict in Ukraine a major source of tension. Hackers linked to the Russian government have been known to use similar “phishing” techniques in the past, in which victims are enticed to open email attachments infected with malware, which then allows the hackers to access email systems.
This time around the investigation has not reached any definitive conclusion on the origins of the intruders, according to the officials.
State Department response
“We have robust security to protect our systems and our information, and we deal successfully with thousands of attacks every day,” said Marie Harf, a State Department spokeswoman. “We take any possible cyber intrusion very seriously.”
The persistent attacks followed a report from Moscow-based cyber security company Kaspersky Lab which claimed that tens of thousands of computers across the globe had been infected with surveillance software following a highly sophisticated spying campaign.
The Russian company stopped short of alleging that the hackers were associated with the NSA, but Costin Raiu, director of Kaspersky’s global research and analysis team, did say that the sophistication of the attack would point to the involvement of government spy agencies in the U.S., Britain, Russia or China.
U.S. security teams need to get the hackers out of the State Department email system before they work out a way of causing damage or accessing classified information.