The hacking of the Joint Chiefs of Staff email network on July 27 marked the "most sophisticated" cyberbreach in U.S. military history, Department of Defense officials concede. Various government officials are working to revamp parts of their network in response. In the meantime, officials have spent the last 10 days scrubbing the system and creating mock hacking scenarios before giving military personnel access to it again.
The attack on the Joint Staff network involved “new and unseen approaches into the network,” one of the defense officials told The Daily Beast. After scrubbing it, putting in new protections and red teaming potential attacks “ we are sharing the lessons learned with the rest of government.” According to a second defense official, the attack was a spear phishing attack targeting the personal information of scores of users. The attack was so sophisticated officials are investigating whether a “state entity” was involved, the official said.
At a briefing with reporters Wednesday, Navy Capt. Jeff Davis told reporters that the attack did not threaten military operations since it was limited to the unclassified network. Military personnel often operate on two computer systems, one unclassified and one classified. Until the system is resolved, the Joint Staff is operating on an alternative, classified system.
— Nancy A. Youssef