Chinese Hackers Hit Commerce Department – Management News by InformationWeek
An attack against computers of the Bureau of Industry and Security (BIS) — the branch of Commerce responsible for overseeing U.S. exports which have both commercial and military applications — forced BIS to turn off Internet access in early September.
An August e-mail from acting Undersecretary of Commerce Mark Foulon quoted by the Washington Post said that BIS “had identified several successful attempts to attack unattended BIS workstations during the overnight hours.” Last month, reported the Post, Foulon wrote: “It has become clear that Internet access in itself is a vulnerability that we cannot mitigate. We have tried incremental steps and they have proven insufficient.”
“BIS discovered evidence of a targeted attack to access user accounts,” confirmed Richard Mills, a Commerce Department spokesman. “But there is no evidence that any BIS data has been compromised.”
This is the second major attack originating in China that’s been acknowledged by the federal government since July. Then, the State Department said that Chinese attackers had broken into its systems overseas and in Washington. And last year, Britain’s National Infrastructure Security Co-ordination Center (NISCC) claimed that Chinese hackers had attacked more than 300 government agencies and private companies in the U.K.
“This [Commerce attack] is the third or fourth battle that we’ve lost to China,” said Richard Stiennon, principal analyst with security consultancy IT-Harvest. “It’s not a digital Pearl Harbor, not yet, but it’s getting closer.” [More]