The United States Department of State has suffered a “possible serious breach” by a cyberattack from an unknown source according to sources within the Department of Defense Cyber Command. The story was broken by Fox News’ Jacqui Heinrich on August 21st. What data was compromised and to what extent isn’t presently known. We don’t even know for certain when the breach occurred with the notification saying it was “believed to have happened a couple of weeks ago” or when it was discovered. However, Jacqui Heinrich tweeted,
“The scope of this attack can be inferred, to an extent, by congressional notification requirements. Under federal law each agency determines whether the cyberattack or info security incident meets “major incident” criteria – if so, they are required to tell Congress within 7 days”
Henrich also reported that a Department of State spokesman told her,
“The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected. For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.”
Dept. Of State Operations & Afghanistan Evacuation
While it’s being kept deliberately unclear whether the State Department’s operations have been impacted by the attack, Fox News has reported that the ongoing efforts to evacuate thousands of Americans and Afghans from the fall of Kabul had not been affected.
According to Reuters, “a knowledgeable source told Reuters the State Department has not experienced significant disruptions and has not had its operations impeded in any way.” Although the legacy mainstream media outlet wouldn’t confirm the incident actually occurred.
WION News reports that Senator Rob Portman (R-OH) has raised concerns saying
“The bipartisan report earlier this month showed there is a sustained failure to address the cybersecurity vulnerabilities at federal agencies. And that until the federal government takes cybersecurity defenses seriously: breaches will continue to occur and put America’s data at risk.”
In an extremely rare display of bipartisanship, Congressman Ted Lieu (D-CA) is demanding the Senate take up his “State Department Authorization Act, which includes Rep. Lieu’s Hack Your State Department provision”
— Ted Lieu (@tedlieu) August 21, 2021
“As a recovering computer science major, I know how important it is for the government to take cybersecurity threats seriously,” Rep Lieu said. “Few places in government face as many threats from spies and foreign adversaries than the State Department, which is why ensuring the agency has strong cybersecurity protections is so important. Many private sector businesses already regularly utilize bug bounty programs, and we’ve seen success in implementing one at the Pentagon. Expanding these kinds of programs to the State Department can help us ensure our national secrets are secure. I’m pleased the House agrees and I look forward to championing this provision so it becomes law.”
Lieu had previously worked with Congressman Scott Taylor (R-VA) to pass a similar bipartisan bill to secure the Dept. of Homeland Security against cyberattacks in 2018.