US DoD Department Hacked And Data Compromised

The US Defence Information Systems Agency (DISA) has confirmed it has been hacked and the personal data of 200,000 people has been compromised.

DISA describes itself as a “combat support agency” of the Pentagon. Essentially, what it does is oversee military communications including calls for US President Donald Trump, the BBC reported.

The hack came despite US precautions. In 2015 the Pentagon said it would build a massive database of system vulnerabilities in order to track threats to critical systems and remain one step ahead of hackers. It said its cyber ‘scorecard’ would assess and identify flaws in American military computer networks, weapons systems, and installations.

Pentagon hack

But DISA has confirmed to the BBC that it was a victim of a cyberattack when computer systems controlled by it were hacked.

The data exposed included names and social security numbers, and happened in the summer of 2019.

A spokesperson for the Department of Defence would not tell the BBC whether it knew who was responsible for this attack – but the spokesperson did confirm the department was constantly under threat.

“DoD networks are under attack daily and the department maintains an active posture to thwart those attacks,” the spokesperson reportedly said.

The agency said this month it had begun notifying people who had been affected but that there was “no evidence” their information has been misused.

The agency told the BBC once the breach in its computer system was discovered it investigated and took steps to fix it and prevent further hacks.

US military veteran and cyber threat analyst, Andy Piazza, tweeted a letter he received from DISA about the breach.

The Pentagon warned that future weapon platforms needed to be secured against any form of cyber intrusion.

It has also previously said that the United States military has the right to retaliate with military force against a cyberattack.

Investigation needed

One security expert said that the DISA breach on the surface looks to have been minor, but an investigation was needed to uncover if other systems were impacted.

“The details of the reported breach are pretty obscure,” said Ilia Kolochenko, founder and CEO of web security company ImmuniWeb. “At first glance, just one system hosting employee data had been breached and, if so, it seems to be a comparatively insignificant security incident of minor importance.”

“However, an in-depth investigation should be urgently conducted to ascertain whether other systems or devices have been impacted,” said Kolochenko. “Frequently, nation-state attackers commence their attacks by breaching the weakest link accessible from the Internet and then silently propagate to all other interconnected systems in a series of chained attacks.”

“Worse, access to personal data of the agency staff greatly facilitates a wide spectrum of sophisticated spear-phishing and identity theft attacks capable to bypass virtually any modern layers of defense,” Kolochenko added.

“The present disclosure timeline seems to be impermissibly protracted given that the breach reportedly happened almost a year ago,” said Kolochenko. “This may be an indicator of attack sophistication, and what has been reported so far may just the tip of the iceberg.”

Do you know all about security? Try our quiz!