Russian hackers breach Pentagon email system

US Department of Defense email shut down and officials point the finger at Russia

The Pentagon's email system has been shut down for almost two weeks following a cyber intrusion which is believed to have originated in Russia.

According to NBC, a "sophisticated cyber attack" against the headquarters of the United States Department of Defense targeted the organisation's Joint Staff unclassified email system. The system was shut down following a security breach, which is believed to have occurred around July 25.

That was almost two weeks ago and the system remains offline, affecting 4,000 military and civilian personnel who work for the Joint Chiefs of Staff - the body of military leaders who advise the United States Secretary of Defense.

News of the cyber attack against the Pentagon comes shortly after security researchers from FireEye claimed Russian government-backed hackers breached networks of US government and defence industry computer systems by using Twitter.

Pentagon sources familiar with the email breach suggest the cyber attack was based on an automated system which gathered huge amounts of data then distributed the information across the internet. US officials believe the hack was coordinated using encrypted accounts on social media and that the attack originated from Russia.

"It was a spear-phishing attack traced to that country," said one official, who declined to be named during an ongoing investigation. A second official also described Russia as the "leading suspect" behind the intrusion, which has been described as "clearly the work of a state actor".

It isn't the first time the US has accused Russia of being behind cyber attacks on American computer networks and infrastructure; the US Internal Revenue Service (IRS) believes a data breach that saw the theft of details of about 100,000 people originated in Russia.

Officials stress that no classified data has been compromised and that only unclassified email accounts have been hacked. The email system was shut down in order to reduce the impact of the attack and the Pentagon expects it to be back online in the near future.

Despite the Pentagon acting quickly to shut down systems following the attack, Haiyan Song, senior vice president of security markets at Splunk, suggests the full extent of what has been lost is difficult to determine.

"These attackers took enough data in a few minutes to shut down a vast email system for two weeks - the ramifications of which may not be fully known," she said and warned that stolen details mean the perpetrators will attempt further thefts.

"While shutting down the system was a good isolation measure, you can be assured security teams are investigating further to understand the scope of this attack. When credentials get stolen, additional and more damaging attacks are inevitable."

Song argued that the only way for organisations to minimise the impact of cyber attacks is to ensure that their cyber defences are as secure as possible.

"It is well known that cyber space is the new front line. If we are not better prepared, we will continue to see stories like this play out, and there will be ongoing threats to national security," she said, adding that collaboration is key.

"It is the responsibility of government and industry to work together and find comprehensive policy and technology solutions that better equip agencies' security teams," Song concluded.

The data breach at the Pentagon comes after Admiral Mike Rogers, director of the National Security Agency and head of United States Cyber Command, warned organisations that they must assume their networks will be breached by cyber criminals and hackers.