Hackers Have Compromised a DoD Agency in Charge of Secure White House Communications

Several years ago, the US Office of Personnel Management (OPM) suffered a data breach that exposed millions of records that belonged to government employees. It was a pretty serious attack, and in its wake, another agency by the name of Defense Information Systems Agency (DISA) was called in to boost the security of the government's IT systems. Reuters recently revealed that last year, DISA, like OPM, suffered a data breach.

What we know about the DISA breach

Apparently, in May 2019, hackers infiltrated DISA's networks, and they stayed there for the next two months. During that period, they stole what has been described as Personally Identifiable Information (PII). The details are scarce, but we do know that the names and Social Security Numbers of people who worked for DISA have been affected. The agency is in the process of informing the victims, who can receive credit monitoring service paid for by DISA.

This just about sums up everything we know about the breach, which, considering the fact that we're talking about a high-level government organization, could make quite a lot of people feel a bit uncomfortable.

What we don’t know about the DISA breach

The incident became public after Reuters obtained a photograph of a letter signed by Roger S. Greenwell, DISA's Chief Information Officer, and sent to the victims of the breach. It's dated February 11, and it states that while the PII was definitely accessible to the hackers, there's no evidence of any actual misuse of the data.

Once the cat was out of the bag, a number of news outlets got in touch with Government officials and asked for more information on the breach. The responses were not exactly detailed.

According to Forbes, the breach could be affecting as many as 200 thousand people, but DISA has yet to confirm or deny that number. The agency hasn't revealed why it has just started informing people about the incident, and although it did say that the investigation is now complete, it prefers not to disclose what it has uncovered.

Some security firms have already started speculating around the potential involvement of state-sponsored hacking groups, but DISA has yet to point any fingers. The agency won't even tell the public how the hackers got in and what sort of digital assets they managed to get their hands on.

In the wake of such a breach, it is only normal to expect that some of the details will remain confidential. Unfortunately, this won't make people feel any less concerned.

What are the potential consequences of the attack on DISA?

As you may have figured out already, we're not talking about a regular data breach. DISA is a part of the US Department of Defense, and it's tasked with handling a lot of information that could be extremely dangerous if it falls into the wrong hands. DISA's responsibilities include organizing the secure communication between the White House and government officials, facilitating the exchange of information in combat zones, and taking care of the US Army's cybersecurity issues. The solutions it supports and develops process a lot of state and military secrets that can affect the lives of millions if they are revealed.

Nobody can say for sure how much confidential information can be found in DISA's systems, and we can only guess whether any of it was put at risk during last year's breach. The mere fact that hackers managed to break through the agency's defenses is concerning enough, though, and it is proof (as if proof was needed) that no one is immune to cyberattacks.