US Cyber Attack – State Dept. Gets Low Rate

This post is also available in: עברית (Hebrew)

The U.S. State Department was recently hit by a cyber-attack and notifications of a “possible serious breach” were issued, a Fox News reporter tweeted on August 21. 

According to local media, the State Department has not experienced significant disruptions and has not had its operations impeded in any way.

It’s unclear when the breach was discovered, but it’s believed to have happened a couple of weeks ago, according to a series of tweets by reporter Jacqui Heinrich. The Department of Defense’s Cyber Command made the notifications, she said. 

The department’s continued work to evacuate Americans and allied refugees in Afghanistan has not been impacted by the cyberattack, the reporter said, citing an anonymous source.

“The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected,” a State Department spokesperson said in a statement. “For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.” 

Interested in the latest cyber updates? Attend INNOTECH 2021 Cyber, HLS, and Innovation Event at Expo Tel Aviv, Nov. 17-18.

This month the Senate’s Committee on Homeland Security and Government Affairs released its federal cybersecurity report entitled: US Data Still at Risk.

Notably, the report found that the agency could not provide documentation for 60% of the sample employees tested that had access to its classified network. The State Department also left thousands of employee accounts active even after they had departed from the agency for extended periods of time—in some cases as long as 152 days after employees quit, retired, or were fired—on its classified and unclassified networks, as reported by gizmodo.com.

Overall, the State Department’s cybersecurity practices received a “D” rating, one of the lowest ratings available.