back to article US State Department confirms: Unclassified staff email boxes hacked

The US State Department has confirmed one of its email systems was attacked, potentially exposing the personal information of some of its employees. Uncle Sam's officials said in a statement to The Register on Tuesday that "suspicious activity" in its email system led it to send out warnings to a number of employees whose …

  1. Doctor Syntax Silver badge

    "no classified data had been accessed – those documents are transmitted through a separate email system."

    Always? Really? Sure?

    1. Anonymous Coward
      Anonymous Coward

      Always? Of course not, the only people who would believe that are partisans who think only democrats use private email servers or otherwise mishandle classified information in email.

      The reasons why people skirt the law using private email servers (to hide what they did from future investigations, or try to) or send classified info on the unclassified system (because the classified system is a pain to use) are the same regardless of what party one belongs to.

      Breaking into the whole unclassified system probably revealed more classified info than Hillary's email leaks did, but you'll never the see the republicans launch any investigation intended to find that, and if they do they'll keep that conclusion classified. Just as democrats would have whitewashed the Hillary investigation had they been in charge.

    2. Flywheel

      That'll be the email server under Hillary's desk then ... I feel reassured now.

      1. Antron Argaiv Silver badge
        Thumb Up

        Hillary's server *wasn't* hacked

        Perhaps she wasn't so dumb after all.

        1. Anonymous Coward
          Anonymous Coward

          Re: Hillary's server *wasn't* hacked

          I tried making that point here once, that given the compromises in US government email elsewhere that the State Department would probably get compromised eventually so the idea that Hillary's insecure server was somehow less secure than the official server was misplaced faith.

          The problem I had with what Hillary did was not the smattering of inconsequential classified stuff that ended up leaking out. That's nothing compared to the state department cables Manning released, or the stuff Trump is busy randomly declassifying piecemeal (only the stuff he thinks will make him look good, but not the stuff that will make him look bad)

          My problem with Hillary's use of a private email server was WHY she did it. It was quite obviously calculated to prevent her political opponents from trawling through it, looking for any little detail that could make her look bad. Well, that plan kind of blew up in her face, huh! Ironic how all the republicans who were so upset about her are looking the other way at Trump staffers doing exactly the same.

          1. DryBones

            Re: Hillary's server *wasn't* hacked

            Or... Or, the State Department's IT was as rubbish as this article makes it out to be, and having the private server was the only way to get any fardling thing DONE. Think of all the ways that IT can misconfigure or otherwise screw things up related to needing to access one's email all over the globe. Leave DC, oops no email. Etc, etc. Multiple people did this sort of thing, maybe it's because the red tape was as bad as you expect it to be, PHB^2.

            It's hilarious irony that it appears to have been more secure against attack than the State Department's servers. What can you do? Snigger and carry on.

            1. Anonymous Coward
              Anonymous Coward

              Re: Hillary's server *wasn't* hacked

              The State Department server wouldn't necessarily have to be less secure than Hillary's server. Hillary's server was not well known until it became infamous, so there would be fewer attacks against it attempted. Sure, some state level actors might be among those if they knew about it, but they'd rather get into the State Department servers since it would have everyone's email (including Hillary's, except for emails that didn't include any other State Department senders or recipients) instead of just one person's.

  2. elDog

    Why is there even another "unclassified" State Department email system?

    Every employee and probably every mole and other rodent has their own personal accounts that they access while inside the confines of an official DoS premises.

    I think the real damage is that careless staffers will "inadvertently" copy emails and attachments from the secure channel to something that is more friendly to outside snoopers.

    Too bad that the knowledgeable career staffers were purposefully kicked out or rendered non-functioning by our KGB-installed president. None of the earlier spy thriller novelists could have predicted this planned chaos.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why is there even another "unclassified" State Department email system?

      This might explain the 'why' - WTF??? - "Won’t patch systems? Never run malware scans? Welcome to the US State Department!"

      https://www.theregister.co.uk/2018/08/30/state_department_fail/

    2. bombastic bob Silver badge
      Coat

      Re: Why is there even another "unclassified" State Department email system?

      It was Mrs. Clinton who set it all up...

      1. CrazyOldCatMan Silver badge

        Re: Why is there even another "unclassified" State Department email system?

        It was Mrs. Clinton who set it all up...

        Just when I was thinking that an element of sanity and reality was starting to seep into Bob's world he goes and posts something like this.

        Oh - and if he's going to try to claim that "it was all a joke" - well, jokes have to have an elemnt of truth or cleverness to be funny..

  3. Grikath
    Black Helicopters

    I don't buy this....

    Not that there's been a breach.... Obviously so...

    But I cannot believe that with the US state being so triggerhappy to deem everything "Classified" , there is such a rare beast as a "Unclassified Employee" in the entire US government ecosystem.

    Go pull the other one..

    1. Anonymous Coward
      Anonymous Coward

      Re: I don't buy this....

      Having held a Top Secret clearance at one time, and seeing some of the things that are classified (IP addresses and hostnames of internal machines in the DoD are either Secret or Top Secret, I can't remember) it is pretty ridiculous.

      Anything that really really needs to be classified is SCI. Or at least I assume so, having never had codeword access I never saw any of those secrets.

  4. Florida1920
    FAIL

    But you didn't take measures to prevent it, did you?

    "Like any large organization with a global presence, we know the Department is a constant target for cyber attacks."

    1. bombastic bob Silver badge
      FAIL

      Re: But you didn't take measures to prevent it, did you?

      "a constant target for cyber attacks" - especially if they're using Outlook or a Microsoft server.

      Gotta stop letting people preview attachments inline (or worse, CLICKING on them!) and clicking on links in HTML mail. "Must install this application to view content" - "OK".

      /me sees a solution involving a clue bat and a cat5 o' nine tails.

  5. Mark 85

    Given all the data breeches in both government and in businesses, is there anyone left who personal info hasn't been taken in the hack? The size and apparent length of most of these attacks before being detected is mind-boggling.

  6. Alister

    data breeches

    Awesome! Trousers with storage in them, what a great idea!

    1. Mystic Megabyte
      Happy

      @Alister

      Is that a memory stick in your pocket or are you just glad to see me?

    2. CrazyOldCatMan Silver badge

      Trousers with storage in them, what a great idea!

      And given how tight breeches usually are (jodhpurs are a modified form of breeches) I'd really, really not want to see yer average American in them..

  7. Anonymous Coward
    Anonymous Coward

    Article Search

    [Ctrl] + [F]

    hillary

    0 matches

    Huh.

    1. Clunking Fist
      Devil

      Re: Article Search

      Article Search

      [Ctrl] + [F]

      Richard Windsor

      0 matches

      Huh.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like