US Navy hack turns out to be bigger than expected

The attack by probably Iranian hackers on US Navy systems was more sophisticated than expected. It wasn’t until November, two months after the hack was discovered, that the hack was completely repelled.

In total, the hackers, who probably came from Iran, spent four months in the Navy’s systems, writes The Wall Street Journal. The security vulnerabilities that the hackers exploited were fixed as early as October, but it took another month to remove all spyware from the Navy’s network.

The US Department of Defense was impressed by the hackers’ technical skills, according to the newspaper. They allegedly entered through a public Navy website, and then were able to penetrate further into the network thanks to holes in the network’s security. Then they would have installed a backdoor. The attackers had access to a defense intranet, but no classified documents had been posted on it. There is no indication that the hackers gained access to classified information.

The attack by the Iranian hackers is said to have uncovered a large number of security vulnerabilities in the networks of both the Navy and the US Department of Defense. Security issues are still being resolved, US government officials told the newspaper. Solving the security problems would have cost hundreds of millions of dollars, where the initial estimate was $10 billion.

Incidentally, the vice admiral who took charge of the recovery operation is likely to be named the new head of NSA intelligence soon. He succeeds the current head of the service, Keith Alexander. Since the summer of 2013, criticism of the NSA has grown sharply due to the revelations of NSA whistleblower Edward Snowden.