State investigating cyberintrusion

The State Department is investigating an intruder breaking into unclassified department IT systems, starting with embassies and offices in the East Asia/Pacific region and migrating to department headquarters.

State cybersecurity personnel took immediate steps when they detected the intrusion, and initial findings show that they prevented any loss of sensitive U.S. government information, a State spokesman said. When first detected, the intruder was at a location containing a small amount of data.

'This was a textbook example of how you protect, monitor, detect and immediately address challenges to the integrity of the computer system in terms of cybersecurity,' State spokesman Sean McCormick told reporters today at a briefing.

He tried to downplay the importance of the intrusion by noting that all public and private organizations must be vigilant against cyberintrusions every day. McCormick would not give a timeline of the event or State's response because he did not want to tip off hackers to department methodology, McCormick said.

'You have to assume that people are trying to [get] into your systems every day,' he said.

In response, State has taken administrative steps, which he would not disclose, and also changed the passwords for some personnel. A forensic examination is ongoing to determine what happened and learn from it .No gaps were found in cybersecurity policies, and no changes will result from the incident, he said.

The cyberintrusions were first detected at some U.S. embassies and offices in the East Asian and Pacific region, he said. Those offices work on issues relating to China and North Korea. As part of the interagency task force that cooperates on cybersecurity, State notified the appropriate agencies, including the FBI.

About the Author

Mary Mosquera is a reporter for Federal Computer Week.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected