In early September, 2013 the United States Navy had discovered a alleged Iranian hack of its largest unclassified computer network. The hack of US Navy’s computer network was done by a group either “working directly for Iran’s government [or] acting with the approval of Iranian leaders.” At that time it shook the US Naval establishment at that time and took it till November, 2013 to cleanse its system and purge the hack. While the issue was long forgotten and thought to be dead, new reports published in Wall Street Journal have indicated that the Iranian hack was indeed deeper than previously though. According to the WSJ, the lawmakers today expressed concerns about the security gaps in the US military computer systems which were exposed by this particular hack.
The new reports out today, say that the cyber attack which took place in September 2013, targeted the Navy Marine Corps Internet, which is used by the Navy Department to host websites, store nonsensitive and unclassified information, and handle voice, video, and data communications. It was further reported that the hackers were able to remain in on the Naval unclassified network till November 2013. The US Naval officials had in September 2013 maintained that the hack had been contained and the intruders had been removed. The WSJ story directly contradicts the US Naval officials and there seems to quite a bigger hole in the US computer network then expected.
“It was a real big deal,” a senior U.S. official told the Journal. “It was a significant penetration that showed a weakness in the system.”
The same official said that the hackers or alleged Iranians were able to remain on the US Naval unclassified network. This hack is considered by the officials as one of the most severest faced by the Defence, in fact the defence officials were surprised at that time at the skill and abilities of the Iranian hackers. The hackers were able to enter the network through a security gap in a public-facing website which received wide publicity and gave the hackers access to the communications, stores reports, call records etc. Though the network hosted only unclassified information but still it allowed the hackers to conduct active surveillance of US Naval personnel without actually snooping on them. Another Naval official said that no data was stolen nor any emails hacked by the hackers. This official said that they have no concrete evidence that the hackers were able to breach the classified U.S. computer networks using the above hack.
The issue has now come to head because the man who oversaw the US military response to this particular hack has now been nominated to head the USA’s premier snooping agency, the NSA. This gives some ammo and gun powder to the naysayers and some Congressmen who are against snooping of American citizens by the NSA. WSJ has reported that some of the Congressmen would want to question the would be NSA commander on this account. It remains to be seen whether Rogers would face some hard scrutiny on account of how the Iranian backed hackers managed to find the security gap. Though the vetting and confirmation hearing of Rogers has not been fixed yet, there is hope in the NSA cirlces, that this issue might have no bearing on his leadership qualities.
