Official: State Department Hit By Hackers ‘Thousands of Times a Day’

Breaches have occurred in some cases

Heather Higginbottom
Heather Higginbottom / AP
April 23, 2015

A senior State Department official admitted on Wednesday that the agency’s networks face "thousands" of cyber attacks by hackers on a daily basis and that breaches have occurred in some cases, according to testimony presented before Congress.

The revelations comes a day after a separate State Department official admitted that numerous hackers have "attacked" the sensitive government network and that "it has affected us."

The day after Steve Linick, the State Department’s inspector general (IG), made this disclosure before the Senate Foreign Relations Subcommittee, Deputy Secretary Heather Higginbottom revealed that cyber attacks are widespread and consistent.

"We are attacked every day, thousands of times a day," Higginbottom told lawmakers in response to questions by Sen. David Perdue (R., Ga.). "So we have to work—those are difficult issues, but we're looking at that now and examining it. It's also important that we understand the costs."

"I can tell you, senator, that we have been breached," she said.

Linick admitted on Tuesday that "there is evidence [the department’s network] has been attacked, and it has affected us."

Linick added that he could not "really go into details because of the nature of the information."

"These persistent, daily attacks on State Department’s networks demonstrate the urgency for the Inspector General to have an independent network so his team can conduct oversight and investigations of the State Department," Sen. Perdue said. "There are thousands of administrators that work for State, who have the ability to modify or delete information, and could even pose as IG employees. This certainly is an issue for an IG who needs to conduct sensitive and confidential investigations."

Higginbottom’s disclosure that thousands of cyber attacks are hitting the State Department’s networks each day come just months after officials were forced to shut down the internal email system following concerns that hackers had penetrated it.

These cyber attacks have also affected the IG’s ability to carry out oversight since it is currently forced to share the department’s internet network.

The IG has been working for some time to separate his office’s online activity from the State Department.

State Department officials are said to have accessed the IG’s network without first receiving approval. This could compromise the integrity of ongoing investigations.

Higginbottom said she is now working with Linick to find a way to erect a firewall between the two networks.

"We worked through the issue of trying to get a [memorandum of understanding] so that there was notification of any entry onto the [IG’s] system," Higginbottom told Purdue on Wednesday.

Linick testified on Tuesday that he has already "asked the Department to agree not to come on to our system without asking permission."

In addition, the State Department has dragged its feed when informing the IG about allegations of serious criminal misconduct.

A key issue "is our [lack of] ability to get early notification of misconduct involving serious or criminal activity, and our ability to investigate that, at least decide whether we are going to investigate that, and return it back to the Department," he said. "So that’s our number one issue."