A Russian cyber-attack in July saw the Pentagon pull the plug on the entire unsecured email and internet system for the Joint Staff, it’s been revealed. Described as a “sophisticated cyber intrusion”, the incident saw email accounts of around 4,000 military and civilian personnel who work for the Joint Chiefs of Staff compromised, though officials aren’t decided yet on whether it was sanctioned by the Russian government or the handiwork of an independent player.
No classified documents or correspondence was taken, officials insist to CNBC. Nonetheless, it seems the haul has been well distributed.
According to the experts, an automated system raided the compromised accounts in short order, and then “within a minute” re-distributed it to “thousands of accounts” online.
Though the infiltration happened around July 25, it’s said, the Pentagon systems are still offline. They’re expected to be restored by the end of this week.
Responsibility for the hack has not been assigned, though “it was clearly the work of a state actor” officials tell CNBC.
Whoever it was, a “new and different vulnerability” was taken advantage of, senior Pentagon sources told CNN. All available patches and security updates were apparently installed, and investigations are still underway into how exactly the servers were infiltrated.
A temporary unclassified email system was established for senior Joint Staff officials, it’s reported.