Dodgy Word document bought down State Department

THE US STATE Department has admitted that its network was compromised last summer when employee in Asia opened a dodgy e-mail that quietly allowed hackers inside the U.S. government's network.

Quite why it has taken the State Department so long to come clean about the attack is not clear, especially as officials seem to be talking up the attack now.

Describing the attack as 'elaborate' a senior State Department official told AP that it was a ploy by sophisticated international hackers using "a secret break-in technique" that exploited a design flaw in Microsoft Office software.

Because the State Department didn't tell anyone, including Microsoft, other companies and government departments remained vulnerable to the flaw for months.

Donald R. Reid, the senior security coordinator for the Bureau of Diplomatic Security, said that a limited amount of U.S. government data was stolen by the hackers until tripwires severed all the State Department's Internet connections throughout eastern Asia.

The security feature meant that US government offices without Internet access just as North Korea started tested its missiles.

Reid moaned that the State Department's desire to keep its efforts to deal with the break-in quiet were disrupted by pesky reporters. The Associated Press was first to reveal the intrusions. As a result Microsoft issued a patch and the world's computer systems were protected from a similar hack. Reid is going before a House Homeland Security subcommittee to explain the department's actions.

More here. µ