US State Department unclassified email shut down after cyberattack

'Activity of concern' detected in same period as White House attack, security updates underway

In late October, the White House was the target of "unusual activity" on unclassified networks, leading to the sweep of internal systems for malware and other nefarious infiltrations. As it turns out, the White House wasn't the only high-profile network hit, as the US State Department detected "activity of concern" around the same time period.

The State Department pulled down its entire unclassified email system on November 16 after entering into a maintenance phase on November 14. An official spoke to the Associated Press, saying the worldwide shutdown of the email system was done to make scheduled security improvements on Internet-linked systems on the main unclassified network. Pulling the system down interrupted email and public Internet access for many State employees.

While the initial "activity of concern" was detected around the same period as the attack on the White House network, the official said that there was no evidence that the State Department was affected at the time. However, pulling down the unclassified system was done to repair systems suspected of being damaged in the breach. No mention was made of who or where the attack originated from. The official added that State Department's classified systems were not affected by the cyberattack.

The shutdown systems are expected to be operational again likely in the next two days. The State Department intends to address the email shut down and security upgrades this later this week, once the improvements are in place.

Since the White House reported the suspicious activity on the unclassified network for the Executive Office of the President, several other integral system targets stepped forward, including the National Oceanic and Atmospheric Administration (NOAA) and the US Postal Service (USPS). No customer credit card data was taken in the USPS attack reported on November 12, but customer information given to call center employees in an eight-month period, as well as data on the more than 800,000 employees, was accessed.

The attack on the NOAA was reported on November 12, but actually hit the network in late September. Sources say that there was no indication that the NOAA had a problem until October 20, as the agency tried to battle it internally without informing authorities, failing to follow proper reporting policies. Attacks on the NOAA and USPS are suspected to be Chinese in origin, while the White House attack is thought to originate in Russia.


Post a comment
Please note that it takes a couple of minutes for new comments to be visible in this area.