China-based hackers have breached government email accounts in a cyber attack intended to collect intelligence, The New York Times reported Tuesday.
In total, approximately 25 organizations and government agencies have been affected by the hack, which targeted specific accounts rather than broader organizational networks. According to Adam Hodge, a White House National Security Council spokesman, classified networks were not affected by the attack, and there is an ongoing assessment to identify how much information was compromised.
GovCon Expert Chuck Brooks, president of Brooks Consulting International, told Executive Mosaic that the news is “not surprising,” but that despite this major vulnerability, government agencies are still making positive strides in strengthening the nation’s cybersecurity.
“Government is playing a game of catch up with legacy systems, and agency networks are still potentially exposed from millions of current and past users. The attack surface is a huge one for targeting by state actors,” said Brooks. “As SolarWinds demonstrated, adversaries are likely already lurking in networks.”
The breach is reported to be smaller and less damaging than the SolarWinds hack of 2020, but experts believe it could still provide critical U.S. information to the Chinese government and intensify the ongoing competition between the two countries during a time in which relations are somewhat strained.
“The good news is that I believe the government, led by CISA, NSA and DOD, has recognized the vulnerabilities and are on the right path to closing gaps with policies of zero trust and security by design. Enhancing the public private partnership with intelligence threat sharing for critical infrastructure is also being accelerated,” Brooks shared.
Read Brooks’ latest GovCon Expert piece here for more insights on the country’s cybersecurity posture.
“Mitigating the threats will take time but discovering and fixing the vulnerabilities, and employing risk management roadmaps are a prudent way to make sure the future will be more cyber secure,” he added.
For the latest news and developments on intelligence threats, join the Potomac Officers Club’s 9th Annual Intel Summit on Sep. 21. Don’t miss your chance to learn from and network with intelligence community leaders from NGA, CIA, ODNI and more. Register here.
