Resolving an assault on a system is not a one step process. It takes time and attention to detail and so it is not surprising an Iranian hack of the Navy’s largest unclassified computer network took more than four months to resolve.
Current and former U.S. officials, reported late Monday the cyber attack targeted the Navy Marine Corps Internet, used by the Navy Department to host websites, store nonsensitive information, and handle voice, video, and data communications, according to a report in The Wall Street Journal.
The hackers were able to remain in the network until this past November, according to the report. That contradicts what officials said when the attack first went public in September. At the time, officials said the intruders had been removed.
“It was a real big deal,” a senior U.S. official told the Journal. “It was a significant penetration that showed a weakness in the system.”
The quoted official said the Iranians were able to conduct surveillance and compromise communications over the unclassified computer networks of the Navy and Marine Corps. However, another senior official told the Journal no e-mail accounts suffered compromise hacked and no data ended up stolen. There is also no evidence that Iran was able to penetrate classified U.S. computer networks.
This cyber attack is one of the one of the most serious infiltrations of government computer systems by the Iranians. U.S. defense officials seemed surprised at the skill of the hackers, who were able to enter the network through a security gap in a public-facing website, according to the report.