NOAA, Postal Service Reportedly Targeted By Cyber Attacks

Chuck Bednar for redOrbit.com – Your Universe Online
Just days after the US Postal Service reported that it had been targeted by a cyber attack, reports have surfaced that the National Oceanic and Atmospheric Administration (NOAA) may have covered up a late September breach of the National Weather Service (NWS) and NOAA’s satellite network.
According to a Wednesday article by Mary Pat Flaherty, Jason Samenow and Lisa Rein of The Washington Post, NOAA was victimized by Chinese hackers and was forced to seal off data considered to be essential for disaster planning, aviation, shipping and other purposes.
However, sources told the three reporters that officials at the agency did not inform authorities there was an issue until October 20, and even when they did, they gave no indication that their systems had been compromised. Instead, NOAA publicly stated in October that it was performing “unscheduled maintenance” on its computer network, giving no indication that the work might have been necessitated by a hacking incident.
On Wednesday, the agency confirmed that a total of four of its websites were affected by the attacks, according to IDG News Services. The agency went on to state that the impact of the maintenance was temporary, that all services had been fully restored and that the attacks did not prevent the weather service from delivering forecasts to the public, USA Today added.
NOAA spokesman Scott Smullen said the investigation into the incident was ongoing, and that he was not able to detail specifically what had been attacked or why, but the revelation came just days after the postal service revealed Social Security numbers and other personal information of nearly one million individuals might have been compromised in a similar incident, according to Time’s Jack Linshi.
“The intrusion is limited in scope and all operations of the Postal Service are functioning normally,” said USPS media relations manager David Partenheimer in a statement, according to Linshi. “We began investigating this incident as soon as we learned of it, and we are cooperating with the investigation, which is ongoing. The investigation is being led by the Federal Bureau of Investigation and joined by other federal and postal investigatory agencies.”
Among the reported 800,000-plus people who might have had their names, addresses and Social Security numbers impacted by the incident were postal service employees, directors, regulators and retirees, according to The Wall Street Journal. Some customers might also have been affected, though to a lesser degree, officials noted.
“Post office customers who contacted the Postal Service Customer Care Center via telephone or e-mail between Jan. 1 and Aug. 16 may have had their names, addresses, telephone numbers or e-mail addresses compromised, the USPS said, but added there’s no evidence to suggest customers’ credit card information was stolen or hacked,” Linshi added. Postal service employees who were affected have been notified.
USPS spokesman David Partenheimer told WSJ reporters Laura Stevens, Danny Yadron and Devlin Barrett that the agency first became aware of suspicious activity in mid-September, and that hackers managed to infiltrate its information systems shortly afterwards – meaning that, by all indications, the USPS and NOAA incidents would have occurred during approximately the same time frame.
Partenheimer added that the agency took immediate action, bringing in outside experts to investigate and bring an end to the attacks. The USPS spokesman added that the postal service decided to delay publically revealing the attacks because they feared that the probe could have been jeopardized.
The source of the attack is said to still be under investigation, but Ellen Nakashima of The Washington Post said that it is also believed to be the work of Chinese hackers. While China has consistently denied such allegations, Nakashima noted that it has been linked to recent attacks involving the Office of Personnel Management and USIS, a contractor that performs security-clearance checks for the government.
—–
Follow redOrbit on Twitter, Facebook and Pinterest.