- Joined
- Jul 2, 2012
- Messages
- 184
- Points
- 0
Chinese hackers behind US weather service cyberattacks, report claims
Agency under fire for waiting weeks to admit the breach of its computer system, which it reportedly has blamed on China
PUBLISHED : Thursday, 13 November, 2014, 10:26am
UPDATED : Friday, 14 November, 2014, 4:33am
The Washington Post
A radar dish used by the National Weather Service. Photo: AP
Hackers from China breached the US federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation and other crucial uses, officials said.
The intrusion occurred in late September but officials gave no indication that they had a problem until October 20, according to three people familiar with the hack and the subsequent reaction by the National Oceanic and Atmospheric Administration (NOAA), which includes the National Weather Service. Even then, the NOAA did not say its systems were compromised.
Officials also said that the agency did not notify the proper authorities when it learned of the attack.
NOAA officials declined to discuss the suspected source of the attack, whether it affected classified data, and the delay in notification. The NOAA said publicly in October it was doing "unscheduled maintenance" on its network, without saying a computer hack made that necessary.
In a statement, NOAA spokesman Scott Smullen acknowledged the hacks and said "incident response began immediately". He said all systems were working again and forecasts had been accurately delivered.
But the agency told US congressman Frank Wolf that China was behind the attack, he said.
Wolf has a long-standing interest in cybersecurity and asked the NOAA about the incident after an inquiry from The Washington Post.
"NOAA told me it was a hack and it was China," said Wolf, who also scolded the agency for not disclosing the attack. "They had an obligation to tell the truth. They covered it up."
Commerce Department inspector-general Todd Zinser said his office was not notified of the breach until November 4, well after he believed the hack occurred. He said that was a violation of agency policy requiring any security incident to be reported to his office within two days of discovering the problem.
"We're in the process of looking into the matter, including why NOAA did not comply with the requirements to notify law enforcement about the incident," Zinser said.
Wolf said he did not know what information was accessed.
Confirmation of the NOAA hack followed an admission on Monday by the United States Postal Service that a suspected Chinese attack - also in September - compromised data of 800,000 employees.
NOAA officials also would not say whether the attack removed material or inserted malicious software in its system, which is used by civilian and military forecasters in the US and feeds weather models at the main centres for Europe and Canada.
NOAA's National Ice Centre website was down for a week in late October. The centre is a partnership with the US Navy and coastguard to monitor conditions for navigation.
The two-day outage skewed the accuracy of National Weather Service long-range forecasts slightly, according to NOAA.
The attack in September hit a web server that was connected to many NOAA computers, said one person familiar with the incursion. The server was protected, but the person compared the security to leaving a house protected by "just a screen door".
Smullen's statement said that four sites were hit by the breach.
The hack may have been aimed less at manipulating weather data than finding an opening in a US system to exploit, said Jacob Olcott, a cybersecurity consultant and former Senate staffer. "The bad guys are increasingly having a hard time getting in the front of these agencies," he said.
"So they figure 'if I can't get in the front door, I'd ride along in with someone who has trusted access and maybe ride that connection to bigger agencies'."
