Two weeks ago, hackers took control of 14 servers and 20 workstations at the U.S. Department of Energy (DOE), obtaining personal information including names, Social Security numbers, driver’s license numbers, pictures, fingerprint and handwriting samples, dates of birth and family information for hundreds of DOE employees. The hackers did not gain access to classified information, which investigators believe was the target of the attack.
Until yesterday, the hacker group Anonymous was viewed as a potential perpetrator, since one of its factions, Parastoo, claimed responsibility on Pastebin. However, the posted information was dated, and investigators believe Parastoo is not responsible for the attack. According to an article published on February 4 in the Washington Free Beacon, unnamed government officials confirmed that the attack involved a foreign nation state. This nation state is most likely China, based on repeated attempts by Chinese hackers to gain access to DOE information and the value such information has to Chinese efforts. If so, this employee information will probably be used to launch further attacks and gain the confidence of DOE employees with access to sensitive information.
The DOE and FBI are still investigating the incident, but speculation abounds as to how the attack on their systems took place, with weak server security configurations, poor user training and an over-reliance on outdated methods among the suggested causes. The security of DOE systems has certainly been called into question, and some suggest that government agencies such as the DOE should rely more on the help of industry experts and security firms.