US Homeland Security Contractor Warns Of ‘State-Sponsored’ Breach

A contractor for the US Department of Homeland Security (DHS) has revealed that it has fallen victim to a serious cyberattack, and warned that the breach “has all the markings of a state-sponsored attack.”

It comes after the US government’s Department of Labor website was compromised in May, and the US Office of Personnel Management (OPM), the government agency that keeps the personal information of all federal employees, suffered a similair incident last month.

Both cases are thought to be the work of Chinese hackers.

State Sponsored

The latest attack took place on the corporate network belonging to US Investigations Services (USIS), the largest provider of background investigations to the American government.

“Our internal IT security team recently identified an apparent external cyber-attack on USIS’ corporate network,” explaied the company. “We immediately informed federal law enforcement, the Office of Personnel Management (OPM) and other relevant federal agencies. We are working closely with federal law enforcement authorities and have retained an independent computer forensics investigations firm to determine the precise nature and extent of any unlawful entry into our network. Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack.”

“Cybercrime and attacks of this nature have become an epidemic that impacts businesses, government agencies, and financial and educational institutions alike,” said Falls Church, a spokesman for Virginia-based USIS. “The protection and safeguarding of our networks, our data and the data of our customers is always of the utmost importance, and we have invested heavily in security measures.”

“Given the involvement of law enforcement and the active nature of this investigation, we cannot provide any additional information at this time,” the company said.

It is not clear at this stage what information the hackers were able to obtain, but the Washington Post reported it likely involved the theft of personal information about DHS employees. The US government has reportedly suspended much of its work with USIS, whilst the FBI investigates the matter.

USIS has been criticised recently in the US Congress because of its background checks on National Security Agency whistleblower Edward Snowden and on Aaron Alexis, the military contractor who killed 12 people during shootings at the Navy Yard in September 2013.

Toxic Relationship

This latest attack comes amid a deteriorating relationship between the US and China over the matters of cyber security.

In June, a US official confirmed that attempts by the United States and China to tackle the scourge of cyber crime together had stalled.

The collapse in co-operation was blamed on the fact that the US had filed hacking charges against Chinese army personnel. In late May, the US had filed indictments against five members of Unit 61398 of the Chinese People’s Liberation Army (PLA).

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

OpenAI’s ‘Operator’ Agent Automates Online Tasks

OpenAI launches AI agent called 'Operator' to automatically fill out forms, make restaurant reservations, book…

3 mins ago

Pakistan’s Parliament Passes Bill For Strict Control On Social Media

Bill passed to give Pakistani government sweeping controls on social media, but critics argue it…

1 hour ago

Indian Tribunal Suspends Meta’s Data Sharing Ban

After Meta had warned that India's data sharing ban could collapse WhatsApp's business model, tribunal…

3 hours ago

UK’s CMA Begins Probe Into Apple, Google Mobile Ecosystems

British regulator confirms investigation of Apple and Google's domination of app stores, operating systems, and…

4 hours ago

Samsung Touts AI Features With Galaxy S25 Smartphones

Launch of Samsung's Galaxy S25 Ultra, Galaxy S25+ and Galaxy S25 sees the handsets described…

7 hours ago

LinkedIn Sued Over Alleged Use Of Private Messages To Train AI

Microsoft's LinkedIn sued for allegedly using customer data, including private messages, to train AI models…

8 hours ago