Forwarded from: The happy staff at Attrition.org
July 11, 2006
WASHINGTON (AP) -- The State Department is recovering from large-scale
computer break-ins worldwide over the past several weeks that appeared to
target its headquarters and offices dealing with China and North Korea,
The Associated Press has learned.
Investigators believe hackers stole sensitive U.S. information and
passwords and implanted backdoors in unclassified government computers to
allow them to return at will, said U.S. officials familiar with the
These people spoke on condition of anonymity because of the sensitivity of
the widespread intrusions and the resulting investigation.
The break-ins and the State Department's emergency response severely
limited Internet access at many locations, including some headquarters
offices in Washington, these officials said. Internet connections have
been restored across nearly all the department since the break-ins were
recognized in mid-June.
"The department did detect anomalies in network traffic, and we thought it
prudent to ensure our system's integrity," department spokesman Kurtis
Cooper said. Asked what information was stolen by the hackers, Cooper
said, "Because the investigation is continuing, I don't think we even
Tracing the origin of such break-ins is difficult. But employees told AP
the hackers appeared to hit computers especially hard at headquarters and
inside the Bureau of East Asian and Pacific Affairs, which coordinates
diplomacy in countries including China, the Koreas and Japan.
In the tense weeks preceding North Korea's missile tests, that bureau lost
its Internet connectivity for several days.
China's government was considered by experts a chief suspect in computer
break-ins at the Defense Department and other U.S. agencies disclosed last
But China also is home to a large number of insecure computers and
networks that hackers in other countries could use to disguise their
locations and launch attacks.
The Pentagon warned earlier this year that China's army is emphasizing
hacking as an offensive weapon. It cited Chinese military exercises in
2005 that included hacking "primarily in first strikes against enemy
After the State Department break-ins, many employees were instructed to
change their passwords. The department also temporarily disabled a
technology known as secure sockets layer, used to transmit encrypted
information over the Internet.
Hackers can exploit weaknesses in this technology to break into computers,
and they can use the same technology to transmit stolen information
covertly off a victim's network.
Many diplomats were unable to access their online bank accounts using
government computers because most financial institutions require the
security technology to be turned on. Cooper said the department has since
fixed that problem.
Copyright 2006 The Associated Press. All rights reserved.