Two major government agencies were hacked in recent weeks, for two very different reasons.
The first victim was the Department of Energy, which revealed on Monday that its network was compromised by foreign hackers in mid-January. The perpetrators managed to steal personal information from several hundred employees and contractors, but no classified data was compromised.
“As individual affected employees are identified, they will be notified and offered assistance on steps they can take to protect themselves from potential identity theft,” the department told employees in an email forwarded by a department spokesperson to The Huffington Post.
The Department of Energy is reportedly “known to be a major target of China for both secrets and technology.” The nation is widely suspected to be the source of many other high-profile cyberattacks in recent years, including the recently exposed theft of user data from the New York Times and Twitter.
John Casaretto talked about China’s involvement in cyber espionage this week on our NewsDesk show with Kristin Feledy. He brought up the nation’s track record of putting state interests above internet freedom and privacy, and said that the Chinese government indirectly supports hackers by funding them and even providing the talent necessary to pull off an attack.
The unnerving update from the Department of Energy was followed by a similar announcement from the Federal Reserve on Tuesday. Officials told Reuters that hackers exploited a “temporary vulnerability in a website vendor product” to obtain information belonging to individuals on the central bank’s database.
Anonymous claimed responsibly for the breach via one of its Twitter accounts, and published passwords, credentials, contact information and other data associated with over 4,000 banking executives on Sunday. The hacktivist group been threatening to break into the Federal Reserve for a while now, but so far has been unsuccessful in its attempts.
These recent attacks prove once again that something must be done to improve information security in the public sector. The subject is being widely debated in Washington today, but so far none of the proposed measures have been implemented on a nation-wide scale.