The US state department is the latest victim of a cyber-attack, according to the local media reports, continuing that the US Department of defense cyber command has informed of a possible “serious breach”. Though, the specific extent of the cybercrime and the suspected perpetrators responsible for the attack are still unknown, according to the reports.
US State Department Neither Confirmed nor Denied the Cyber-Attack
Moreover, in a statement to Fox News, the US State Department did not confirm or deny the purported attack. “The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected,” a department spokesperson told Fox News. “For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.”
Eight Federal Agencies were Evaluated for the Cybersecurity Protocols
Furthermore, it has been pointed out that the disclosure of a possible cyber-attack has transpired in the same month the Senate’s Committee on Homeland Security and Government Affairs published its federal cybersecurity report. Notable figures from the US Senate Homeland Security and Governmental Affairs Committee issued a bipartisan report earlier this month which declared that none of the eight national agencies that were evaluated for security had met even the primary cybersecurity protocols and standards to guard the personal identification data of the US citizens as well as equipment and programs on the agency’s systems.
It is unclear when the breach was discovered, but it is believed to have happened a couple weeks ago.
A source familiar tells Fox the State Department’s ongoing mission to evacuate Americans and allied refugees in Afghanistan “have not been affected”.
— Jacqui Heinrich (@JacquiHeinrich) August 21, 2021
Moreover, the report also stated that the agency could not generate documentation for 60% of the sample operators tested that had access to its classified network. The US State Department further started thousands of employee accounts are active even after they had departed from the bureau for extended periods of time.
The Department Received a “D” Rating for Its Cybersecurity Practices
“Former employees or hackers could use those unexpired credentials to gain access to State’s sensitive and classified information while appearing to be an authorized user,” the report stated. An investigation of the State Department’s systems discovered that the US State Department failed to address vulnerabilities. Ten systems were detected with 450 critical-risk and 736 high-risk outstanding vulnerabilities. Overall, the US State Department’s cybersecurity disciplines received a “D” rating, one of the lowest ratings achievable.