Friday, 28 November 2014

China Suspected Of Attacking USPS and NOAA

Last week, National Oceanic and Atmospheric Administration and the United States Postal service had confirmed that that there were attacks on their computer system. These cyber attacks went on for a month and suspected to be originated in China. According to USPS, these attacks compromised the private information of nearly 800,000 employees. The type of information that was at risk includes date of birth, names, addresses, date of employments and Social Security numbers. This information’s is very important as anyone can forge and influence the service as well as other government agencies.

What is at risk? 

According to CTO, Greg Kazmierczak, Wave systems, specific details about any individual can be risky as the attackers can use them to spear phishing attacks later on. According to Eric Chiu, the president and founder of HyTrust, apart from attacking the companies, this personal data can be harmful to the employees against themselves. He stated that compared to the customer’s date, employee data is more valuable as the companies have a record of their social security, finance and home. This can help the attackers to forge the identity.

NOAA Breach: 

Even though USPS had not pointed fingers at anyone pertaining to this attack, but China is being suspected behind these attacks. According to CEO of ThreatTrack, Julian Waits Sr., this revelation could not have come at any bad time, now the customers will get concerned about their identity and their personal security. NOAA was called on the carpet regarding the breach originated from the Chinese systems. They informed Frank R. Wolf from the Virginia Republican that they sure that their systems were hacked by China. However, they were unable to confirm that this attack specifically originated in China.

The Breach Diary: 

1. 10th Nov- USPS confirms the cyber intrusion and gave an estimation of 2.9 million affected customers.

2. 10th Nov- Sarah Hendrickson appointed as the chief of security.

 3. 11th Nov- Microsoft fixed a 19-year-old bug, which can be used by the hackers to launch drive-by attacks.

4. 12th Nov- 24,105 stories about data breach was reported by the Deloitte

According to another news report, after hacking into USPS, days after this event, hackers broke into U.S. National Weather Service computers. This attack was confirmed by the US National Oceanic and Atmospheric Administration. This attack took place just two days after the attack on the USPS. According to the American media reports, many of the NOAA services were put under temporary maintenance or were taken down temporarily. One of the representatives of the company told the Washington post that they know it was an attack from the hackers and it originated from China.

The agency had failed to inform appropriate authorities regarding these attacks. Although there is enough evidence pertaining to these attacks, NOAA refused to comment on the issue pertaining to the Chinese attacks on the United States Satellite network and weather conditions. They haven’t confirmed if this attack affected their notification or impacted any classified data.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.