In today's Wall Street Journal is an interesting article about the difficulty of getting hackers out, once they are in. [ Three Months Later, State Department Hasn’t Rooted Out Hackers ] Danny Yadron reports that after three months, the hackers still haven't been removed from the State Department's unclassified e-mail systems. Three months is a long time, and whatever excuses there may be for not getting this done, none will satisfy anyone who has ever had an incident like it. Only senior managers who are working against a solution could allow this kind of thing to go on that long.
Since the suspicion that the attack is coming from Russia, we don't need to wonder what the attackers would be interesting in. The Russians did the same thing in the Ukraine and several Eastern European countries, trying to find out who they could rely on and who they needed to isolate. This is out and out intelligence collection. The only difference is it is in a U.S. owned system that is supposed to be protected. Who is doing security of the State Department's computer systems? What is the damage assessment showing? Why can't the agency get this corrected? Why isn't Congress holding hearings on this right now? It might be nice to hear some of those senior people try to explain how they could allow this to go on for such a long time and not have the fortitude to do what it takes to correct the problem.
No comments:
Post a Comment