WASHINGTON - Hackers from China breached the federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation, shipping and scores of other crucial uses, officials said.
The intrusion occurred in late September, but officials gave no indication that they had a problem until Oct. 20, according to three people familiar with the hack and the subsequent reaction by the National Oceanic and Atmospheric Administration, or NOAA, which includes the National Weather Service. Even then, NOAA did not say its systems were compromised. Officials also said the agency did not notify the proper authorities when it learned of the attack.
NOAA officials declined to discuss the attack's suspected source, whether it affected classified data or the notification delay. NOAA said publicly in October that it was doing 'unscheduled maintenance' on its network, without saying a computer hack made that necessary.
In a statement released Wednesday, NOAA spokesman Scott Smullen acknowledged the hacks and said 'incident response began immediately.' He said all systems were working again, and that forecasts were accurately delivered to the public. Mr. Smullen declined to answer questions beyond his statement, citing an investigation into the attack.
But the agency confirmed to U.S. Rep. Frank Wolf, R-Va., that China was behind the attack, the congressman said. Mr. Wolf has a long-standing interest in cybersecurity and asked NOAA about the incident after an inquiry from The Washington Post.
'NOAA told me it was a hack, and it was China,' said Mr. Wolf, who also scolded the agency for not disclosing the attack 'and deliberately misleading the American public in its replies.' He added: 'They had an obligation to tell the truth. They covered it up.'
Commerce Department Inspector General Todd Zinser said his office was not notified of the breach until Nov. 4, well after he believes the hack occurred. He said that is a violation of agency policy, requiring any security incident to be reported to his office within two days of discovering the problem. 'We're in the process of looking into the matter, including why NOAA did not comply with the requirements to notify law enforcement about the incident,' Mr. Zinser said.
Mr. Wolf said he did not know whether the breach involved classified material, or what information was accessed.
Confirmation of the NOAA hack followed an admission Monday by the United States Postal Service that a suspected Chinese attack - also in September - compromised data of 800,000 employees, including letter carriers on up through the postmaster general.
NOAA officials also would not say whether the attack removed material or inserted malicious software in its system, which is used by civilian and military forecasters in the United States and also feeds weather models at the main centers for Europe and Canada. NOAA's National Ice Center website also was down for a week in late October. The center is a partnership with the U.S. Navy and U.S. Coast Guard to monitor conditions for navigation. The two-day outage skewed the accuracy of National Weather Service long-range forecasts slightly, according to NOAA.
The attack in September hit a web server that connects to many NOAA computers, according to one person familiar with the incursion. Mr. Smullen's statement said four sites were hit by the breach.
Weather satellites orbit hundreds to thousands of miles above the Earth and offer continuous views of weather systems such as hurricanes, thunderstorms and cold fronts, while also measuring temperature and moisture at different altitudes - all crucial bits that get fed into prediction models. To get that information to the public, NOAA makes satellite data and imagery available through the Web as well as file transfer networks for downloads.
NOAA has characterized its decision to cut off satellite images as causing a minimal disruption. But it has previously touted those same systems as intrinsic to the nation's 'environmental intelligence.' NOAA satellites 'provide critical data for forecasts and warnings that are vital to every citizen and to our economy as a whole,' NOAA Administrator Kathryn Sullivan said a year ago.
The hack may have been aimed less at manipulating weather data than finding an opening in a U.S. system to exploit, said Jacob Olcott, a cybersecurity consultant now with Good Harbor Security Risk Management and former Senate staffer on cybersecurity legislation. Mr. Wolf said a hack could steal technical insights or cull isolated information ' that may not look significant
The October satellite data outage meant the National Weather Service and centers around the world did not receive large amounts of information.
Commercial interests also were affected by the breach. Delta Airlines overcame the loss of data it normally incorporates into pilot briefings about aviation hazards. But its flying customers were spared trouble by added work of the airline's meteorologists and information technology specialists, who used alternative sources of information, spokesperson Morgan Durrant said.
In Melbourne, Fla., the satellite images bolster the ocean fishing forecasting service run by Mitchell Roffer. His company downloads images 'constantly' and immediately realized around Oct. 20 that the information was out of date. 'We went up the chain, asking when we could expect it back, and no one was talking for several days.'
United States - North America - East Asia - Asia - United States government - China - Greater China - Frank Wolf - National Oceanic and Atmospheric Administration
from Google News http://#
via IFTTT
0 Response to "Chinese said to hack US Weather systems, satellite network"
Posting Komentar