Pentagon cyber attack more serious than previously assumed

The cyber attack on parts of the Pentagon network last June may have had more serious consequences for network security than previously publicised. According to a report in US Government Executive magazine, Dennis Clem, CIO of the Office of the Secretary of Defense, conceded last week that an "amazing amount" of data was stolen.

Following the attack, allegedly carried out by Chinese hackers, the Pentagon had taken 1,500 computers off-line for more than a week. A reassuring statement issued at the time said that the compromised mail server contained "virtually" no sensitive data.

However, the new magazine report claims that malicious code, which exploits a hole in Microsoft Windows, was detected in various portions of the network during network infrastructure reorganisation. Pentagon employees received spoofed emails containing recognisable names. According to the report, when they opened them, network access data were spied out.

This allowed the originators of the malicious code access to the entire system. The report said data stored there could be copied and sent back to the intruder. The breach continues to pose a threat, added Clem, because it is unknown when the stolen information, which could be useful for US opponents, will be used.

At the time, China rejected the accusations. Clem revealed no further details about the originators of the cyber attack. According to the report, the recovery of the network portion shut down because of the assault took three weeks and cost $4m.

The US Department of Defense has given four private companies the task of making the network more secure. In addition, corporate partners will be obliged to encrypt non-confidential data in the same way as sensitive data. The Department of Defense also wants to achieve better security standards for government data stored on the internal networks of trade partners who, among other things, supply the Department with arms systems.

The idea of limiting Pentagon employees' private use of the network will not be put into practice. According to US media, the Department's Deputy CIO David Wennergren considers this the wrong approach because it is self-restricting.

(trk)