Looks like those Chinese hackers are at it again. After reports that intruders based there recently compromised the computers of The New York Times and The Wall Street Journal, targeting employee passwords and other data, the U.S. Department of Energy told employees in an e-mail that its systems, too, had been infiltrated.
The story was first reported by the nonprofit online newspaper Washington Free Beacon, which said FBI and Energy Department investigators were probing the theft of employee information at the agency and whether the hack was a prelude to an attempt to carry out a much more pervasive attack to gain classified data in the future.
While no classified information is believed to have been compromised, the sophistication of the attack suggests a "nation-state" involvement, the paper said, and Energy has been a frequent target of Chinese hacks in the past.
Last year saw a series of hacking attacks against U.S.-based companies and government agencies, including a military computer at the White House. The virtual battlefield is an increasingly busy theater of operations as the U.S. struggles to ward off an onslaught of foreign hackers.
In 2009, then-Defense Secretary Robert M. Gates established the U.S. Cyber Command, a division of the U.S. Strategic Command, headed by Gen. Keith B. Alexander, to defend military systems. Its job is to "direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure U.S./Allied freedom of action in cyberspace and deny the same to our adversaries."
The Department of Homeland Security, however, is charged with defending non-military government (the .gov domain) computers such as those at DOE, while Cyber Command defends the .mil domain.
Global cyber security expert Chester Wisniewski of the firm Sophos told us there was too little information to draw "concrete conclusions" about what the Chinese were up to.
"It is fair to say that the Chinese are not having any difficulty staying busy and it is far more likely that we are just hearing it from more organizations than usual," Wisniewski said.
Encrypt Your Data
"Most organizations are compromised multiple times per year and just prefer to keep it quiet. Of course the extent to which the attackers were able to exploit them often determines whether they are obligated to let the cat out of the bag."
He added that one question missing from the discussion is why personal information seems to have been stored unencrypted.
"It is impossible to maintain a perfectly secure environment, so you ought to know that the 'bad guys' are going to end up on your network from time to time," he said. "Why did you leave sensitive information just lying around for the taking? We shouldn't blame the victims, but negligence is negligence."