The network of USIS compromised by a cyber attack

Internal network of USIS was compromised by a cyber attack which has exposed Government Employees’ Data. Investigators speculate on a state-sponsored attack

The USIS (U.S. Investigations Services), which provides background checks for the US government was recently hacked. This is the second data breach in a few months that threaten US government. The USIS recently acknowledged that its network was violated by a cyber attack and experts that are investigating on the case believe that the authors of the attack could be a state-sponsored hacking team.

“We are working closely with federal law enforcement authorities and have retailed an independent computer forensics investigations firm to determine the precise nature and extent of any unlawful entry into our network,” “Experts who have reviewed the facts gathered to date believe it has all the markings of a state-sponsored attack.” announced the USIS in a statement. 

Early July, alleged Chinese hackers hacked the system of the Office of Personnel Management(OPM), for this reason the USIS is collaborating with the Bureau and the Department of Homeland Security (DHS) to track the authors of the attack and to estimate exactly the compromised data and the impact of the data breach.

Government offices and subcontractors are privileged targets for cyber criminals and state-sponsored hackers, last years according to official documents of The U.S. Department of Energy in different breaches employees’ and contractors’ personal information was exposed.

The DHS spokesman Peter Boogaard reported to The Hill that groups of hackers are targeting some agency which maintains employees’ information, for this reason the DHS is suggesting to the employees to monitor their financial accounts for suspicious activity and is alerting them on possible spear phishing attacks that could be arranged in the next months to steal further data from Government Offices.

According Boogaard data belonging to some DHS personnel may have been exposed, but at the time I‘m writing there is no news on the number of employee records exposed.

“Our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce”  “We are committed to ensuring our employees’ privacy and are taking steps to protect it.” Peter Boogaard said.

The journalists at The Washington Post  exclude a linked between the cyber attack on USIS and the data breach suffered in March 2014 by OPM.

“The intrusion is not believed to be related to a March incident in which the OPM’s databases were hacked, said officials, some of whom spoke on the condition of anonymity because they were not authorized to speak on the record.” states the Washington Post

It’s clear that such attacks represent a serious threat for the US Government, stolen information could be used by bad actors to organize dangerous attacks to critical infrastructure of the country.

Sen. Tom Carper, chairman of the Homeland Security and Governmental Affairs Committee, declared in a statement that this kind of incidents demonstrates the importance of cyber security in Homeland security.

“This latest report of a cyber attack on the major government contractor USIS is deeply troubling and underscores the scary reality of how much of a target our sensitive information has become in cyberspace,” “It also shows how urgent it is that we reform our laws to better combat attacks from malicious actors.” he said. 

The USIS breach “is very troubling news,”  “Americans’ personal information should always be secure, particularly when our national security is involved. An incident like this is simply unacceptable.” added said Sen. Jon Tester (D-Mont.), a Homeland Security Committee member.

It is necessary to improve security of high sensitive networks and maximize the information sharing between private companies and government entities to promptly identify cyber threats and adopt the necessary mitigation strategy.

Pierluigi Paganini

(Security Affairs –  USIS, cyber espionage)