News

U.S. State Department Suffers Widespread Computer Break-Ins

The State Department is recovering from large-scale computer break-ins worldwide over the past several weeks that appeared to target its headquarters and offices dealing with China and North Korea, The Associated Press has learned.

Investigators believe hackers stole sensitive U.S. information and passwords and implanted backdoors in unclassified government computers to allow them to return at will, said U.S. officials familiar with the hacking. These people spoke on condition of anonymity because of the sensitivity of the widespread intrusions and the resulting investigation.

The break-ins and the State Department's emergency response severely limited Internet access at many locations, including some headquarters offices in Washington, these officials said. Internet connections have been restored across nearly all the department since the break-ins were recognized in mid-June.

"The department did detect anomalies in network traffic, and we thought it prudent to ensure out system's integrity," department spokesman Kurtis Cooper said. Asked what information was stolen by the hackers, Cooper said, "Because the investigation is continuing, I don't think we even know."

Tracing the origin of such break-ins is difficult. But employees told AP the hackers appeared to hit computers especially hard at headquarters and inside the Bureau of East Asian and Pacific Affairs, which coordinates diplomacy in countries including China, the Koreas and Japan. In the tense weeks preceding North Korea's missile tests, that bureau lost its Internet connectivity for several days.

China's government was considered by experts a chief suspect in computer break-ins at the Defense Department and other U.S. agencies disclosed last summer. But China also is home to a large number of insecure computers and networks that hackers in other countries could use to disguise their locations and launch attacks.

The Pentagon warned earlier this year that China's army is emphasizing hacking as an offensive weapon. It cited Chinese military exercises in 2005 that included hacking "primarily in first strikes against enemy networks."

After the State Department break-ins, many employees were instructed to change their passwords. The department also temporarily disabled a technology known as secure sockets layer, used to transmit encrypted information over the Internet. Hackers can exploit weaknesses in this technology to break into computers, and they can use the same technology to transmit stolen information covertly off a victim's network.

Many diplomats were unable to access their online bank accounts using government computers because most financial institutions require the security technology to be turned on. Cooper said the department has since fixed that problem.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.