State Department Still Pwned

Homeland Security Today and others are reporting that three months after the State Department admitted that hackers had gotten into their unclassified email system, the hackers are still there.  (see article)

While it is always fun to beat up government bureaucracies, this story points out that sometimes getting hackers out is a hard thing to do.

There have to be a bunch of questions being asked at Foggy Bottom these days, such as:

  • How did the hackers get into the email in the first place – have we closed that door?
  • Where else are the hackers hiding that allows them to reinfect email?
  • Are there insiders helping the hackers, even unwittingly?

And so forth.

The article says that even though the NSA and outside contractors have been working on the problem, it is still a problem and it is not fixed.

Still, State Department employees are using that breached email system.  It is possible that NSA is watching what is going out – maybe – and that might make them feel better.  It is also possible that the NSA knows who the hackers are.  Hopefully, they have moved the more sensitive but still unclassified traffic to a different network.

As we watch Sony and Target and Home Depot and all the others wrestle with breaches and we look at the resources available to the State Department, the fact that State can’t fix this problem after three months should make people concerned about what they would do if they were breached.

The statistics are that 60% (Experian) to 70% (First Data) of the small and medium-sized businesses that have a breach go out of business within six months.  I am certain that State is spending a LOT of money trying to get these guys out.  Without success.  What chance does the average business have of recovering from a significant breach?