The Washington Free Beacon recently reported a “sophisticated” attack that resulted in the breach of 14 servers and 20 workstations at the Department of Energy (DoE) headquarters. The intruders got away with mostly Personally Identifiable Information, or PII, of several hundred of their employees. Fortunately, the breach didn’t result in any classified information being leaked that they know of. Of course everyone is pointing to China but there is still no word yet on the source.
In Friday’s hack Twitter also used the term “sophisticated” so in honor of that I’ll make a prediction. The DoE attack most likely involved phishing employees with an infected attachment or link to a malware infested website, grabbing the local hashes and cracking them, navigating around the network to see what they have access to, and happening to come across some employee PII. Although we will probably never find out what really happened, you can be sure the term “sophisticated” will stay in place.
Computer networks at the Energy Department were attacked by sophisticated hackers in a major cyber incident two weeks ago and personal information on several hundred employees was compromised by the intruders.
Energy Department officials, along with FBI agents, are investigating the attack on servers at the Washington headquarters. They believe the sophisticated penetration attack was not limited to stealing personal information. There are indications the attackers had other motives, possibly including plans to gain future access to classified and other sensitive information.
No classified information was compromised in the cyber attack, said officials who provided details of the attack to the Washington Free Beacon on condition of anonymity.
Energy Department and FBI spokesmen declined to comment.
Today’s post pic is from BusinessInsider.com. See ya!