NOAA, Other U.S. Agency Security Breaches: Connecting the Dots

NEWS ANALYSIS: After allegedly hitting USPS and the White House, nation-state attackers may be behind an incident involving NOAA.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

NOAA security breach

The National Oceanic and Atmospheric Administration (NOAA) was breached by attackers, allegedly from China, in an attack that has now been contained. NOAA's areas of responsibility include the National Weather Service, and its overall operations include U.S.-operated satellites and imaging systems.

In a statement sent to eWEEK by NOAA spokesperson Scott Smullen, the agency notes that in recent weeks, four NOAA Websites were compromised by an Internet-sourced attack.

"NOAA staff detected the attacks, and incident response began immediately," NOAA states. "Unscheduled maintenance was performed by NOAA to mitigate the attacks. The unscheduled maintenance impacts were temporary, and all services have been fully restored."

NOAA also noted that the unscheduled maintenance did not prevent the agency from delivering forecasts to the public.

"The investigation is continuing with the appropriate authorities, and we cannot comment further," NOAA stated.

The NOAA statement makes no claims of attribution as to who might be behind the attack. A Washington Post report points fingers at hackers from China.

The NOAA breach is the third major attack that has been publicly reported against a U.S. federal government-associated agency in recent weeks. Earlier this week, the United States Post Office (USPS) publicly admitted that it was breached, exposing both employee and customer information.

In the USPS incident, no formal attribution has been made about who the attackers are or where they came from, though China is also suspected of being involved in the attack.

At the end of October, the White House network was also breached. In that incident, attackers from Russia are suspected to be involved.

In the USPS, White House and now NOAA breaches, all of the agencies responded by shutting down parts of their network for a period of time in order to remediate the risk.

While NOAA is only today admitting to the breach, its statement indicated that it occurred in "recent weeks," which might potentially place the attack in the same timeframe as the USPS and White House incidents. While the USPS breach was only disclosed this week, Congress was notified of the attack in September in a classified briefing.

In a statement, Reps. Darrell Issa (R-Calif.), chairman of the House Oversight and Government Reform Committee, and Blake Farenthold (R-Texas), chairman of the House Oversight Committee Subcommittee on Postal Service, took issue with the lack of information about the USPS breach.

"The Committee will also be seeking information about why the Administration waited two months before making the news of this attack public and preventing victims from taking proactive measures to secure their own information," the Congressmen stated. "We have not been told why the agency no longer considers the information classified."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.