As more and more cyber threats aim at the United States, the recent victim has been the US Department of State. Reports suggest that the US State Department has suffered a cyber attack lately, that possibly happened due to vulnerable infrastructure.
US State Department Suffered Cyber Attack
In a recent report, Fox News has quoted sources mentioning a cyber attack lately happened at the US State Department.
As revealed, they learned of a data breach as well via notifications issued by the Department of Defense Cyber Command.
It presently remains unclear when and how the incident happened. However, sharing details in a series of tweets, Jacqui Heinrich, mentioned that the Department might have suffered the attack “a couple of weeks ago”.
For now, no details have surfaced online from official sources as the investigations continue. According to the Us Dept. of State spokesperson,
The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected. For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.
The recent updates, though, clarify that this has been an “isolated” incident with no impact on other agencies. Nor did it affect any operations or exposed classified systems.
Notably, the incident happened shortly after a report from the Senate Homeland Security Committee highlighted weaknesses in the State Department’s security structure. It precisely mentioned the use of unsupported and outdated systems with no software lifecycle management, failure to timely remediate the vulnerabilities, inadequate IT inventory (both software and hardware), and ineffective data protection at the State Department’s structure.
While the attackers’ identity presently remains unclear, sources hint at the involvement of foreign threat actors.
Perhaps, more details about the attack may surface online in the coming days.
This isn’t the first time that the US State Dept. has suffered a cybersecurity incident. A similar incident happened in 2018 as well when an email breach exposed the Department’s employee data.
Let us know your thoughts in the comments.