The U.S. Department of Commerce took hundreds of computers offline following a series of attacks aimed at federal employees' computer accounts by online thieves that appear to be based in China, according to media reports published on Monday.
The department's Bureau of Industry and Security (BIS) told news agencies that several user accounts had been compromised by the attackers, but no sensitive data had been stolen.
The department is the second federal agency to be compromised by attacks coming out of China. In July, the U.S. Department of State also acknowledged that some if its computers had been hit by attackers targeting information about China and Korea. The federal agency also maintained that no sensitive information had been taken.
The attacks continue a trend of stealthy, low-volume attacks targeted at individuals inside government agencies and corporations that some security experts believe are sponsored by a country, likely China. In May, security experts discovered that attackers were using a zero-day exploit for a flaw in Microsoft Word to compromise targeted systems. A number of other attacks have also made use of zero-day Office vulnerabilities. The attacks have apparently originated in China or used a Chinese server from which to attack.
The Department of Commerce got an 'D+' on its security posture under the Federal Information Security and Management Act (FISMA) for 2005. FISMA directs all U.S. government agencies to assess the condition of the computer defenses annually.
Posted by: Robert Lemos