Russian hackers allegedly accessed the Pentagon's Joint Staff unclassified email system, which led the agency to take the service offline for nearly two weeks.
NBC News reported, through anonymous sources, that the “sophisticated cyber intrusion” occurred around July 25 and affected nearly 4,000 military and civilian personnel who work for the Joint Chiefs of Staff. The cyber attack apparently relied on an automated system that could quickly gather large amounts of data and distribute it to thousands of online accounts. The entire process could last only a minute.
The hackers also reportedly conducted the cyberattack in conjunction with encrypted social media accounts. CNN reported that the attack originated from a spear phishing email, even though “all of the required cyber protection and patches were in place.”
Although the anonymous sources couldn't say whether the Russian government hired the hackers, the attack was “clearly the work of a state actor,” an NBC News source stated.
No classified emails were stolen, and only unclassified accounts and emails were accessed.
The Pentagon immediately shut down the entire Joint Staff unclassified email system and internet upon learning of the attack. It will likely be back online before the end of the week.
The Joint Staff is comprised of personnel from each of the four Department of Defense armed services, and they assist the Chairman of the Joint Chiefs of Staff.
This article was first published in our sister publication SC Magazine.