Online attackers allegedly breached computer systems at the U.S. Department of State and worldwide offices in June, installing remote access software, stealing passwords and targeting information on China and North Korea, according to an article by the Associated Press.
The attacks should not come as a surprise to U.S. officials or the security community. Online attackers, which some security experts believe to be state sponsored, have targeted stealthy, low-volume attacks at specific individuals inside government agencies and corporations. In May, security experts discovered that attackers were using a zero-day exploit for a flaw in Microsoft Word to compromise targeted systems. The attacks have apparently originated in China or used a Chinese server from which to attack.
The State Department, which got an 'F' on its security posture under the Federal Information Security and Management Act (FISMA) for 2005, instructed many employees to change passwords, officials told the AP. The attacks, and the agency's response, severely limited network access at many office locations.
Posted by: Robert Lemos