The electronic intrusion was detected on July 25, officials said. The Pentagon immediately disabled the e-mail system, which is used by about 4,000 military and civilian personnel, in an attempt to contain the damage. The network remains offline, although officials said they hoped to restart it in the coming days, the report says.
The Defense Department disclosed the attack shortly after it occurred, but only in recent days have investigators traced it to Russia. Officials said the complexity and advanced nature of the hack strongly suggested that a foreign government was responsible.
“This attack was fairly sophisticated and has the indications. . . of having come from a state actor such as Russia,” said a U.S. official who spoke on the condition of anonymity to discuss details of the investigation.
Read alsoUS data hack may be four times larger than government originally saidThe officials cautioned that it is difficult to pinpoint the origin or perpetrator of such hacks. “Attribution in this business is near impossible. Rarely are you ever able to say with 100 percent certainty” who was behind a particular incident, the official said.
U.S. officials said the hackers penetrated the Joint Staff network with an old-fashioned technique known as “spear-phishing,” which relies on unsuspecting e-mail users clicking on links infected with malware.
In the recent attack on the Pentagon, officials said that only unclassified e-mails were exposed and that the damage did not appear to be significant. They said the Joint Staff’s classified networks were unaffected and are operating normally.
“We continue to identify and mitigate cybersecurity risks across our network, and we continue to investigate this incident, and our top priority is to restore services when we can,” said Navy Capt. Jeff Davis, a Pentagon spokesman.
There was no immediate reaction from Moscow. In the past, Russian officials have responded to such reports with sarcastic denials.
Washington’s allies in NATO have reported similar attacks, however, and have traced some intrusions back to shadowy groups with suspected ties to Russian intelligence services.
