China-based hacks hit Interior Dept. in 2013, inspector says

China-based hacks hit Interior Dept. in 2013, inspector says

Foreign cyber spies and other hackers have infiltrated the Department of the Interior 19 times in recent years, according to a recent government watchdog report.

The intrusions — from China, Europe and elsewhere — put unknown amounts of agency data at risk of exposure.


“These security incidents resulted in the loss of sensitive data and disruption of bureau operations,” said the memo, which the agency’s inspector general prepared for Interior Secretary Sally JewellSarah (Sally) Margaret JewellNational parks pay the price for Trump's Independence Day spectacle Overnight Energy: Zinke extends mining ban near Yellowstone | UN report offers dire climate warning | Trump expected to lift ethanol restrictions Zinke extends mining ban near Yellowstone MORE.

Interior's cyber defenses were thrust into the spotlight this summer when it was revealed the agency housed one of the databases that suspected Chinese hackers accessed to pilfer troves of Office of Personnel Management (OPM) records.

An Interior spokesperson told tech news site NextGov, which first reported on the memo, that none of incidents mentioned in the report were linked to the OPM breach.

But the report does detail some potentially troubling hacks and concludes that the department will continue to be a target “because of the large size of its networks, and because those networks contain sensitive information.”

Interior manages most federal land as well as information on natural resources.

The agency is also digitally tied to many other federal agencies, meaning hackers often attempt to use it as a foothold to breach other government targets, such as the OPM.

The report elaborated on some of the agency's more serious intrusions in recent years.

In October 2014, attacks launched from somewhere in Europe compromised “an unknown amount of data” after hackers took over two of the department's public servers.

That same month, hackers stole administrative credentials to enter the system.

“The extent of these system breaches was never fully determined,” the IG acknowledged, but the report explained that such access could allow the hackers to copy or delete data, or even place undetected malware in the system to continue monitoring the network.

“In other words,” the IG said, “the intruders could have gained full functional control over DOI systems.”

The memo also revealed a China-based attack in 2013 lasting four weeks. In that timespan, the hackers made off with “an unknown amount of [data] and had uploaded malware with the intent to compromise other DOI systems.”

The report pushed the department to improve its cyber strategy and said the agency requires more money to protect its systems and hire the necessary security experts.

“Security issues will continue to expand unless funding, strategic planning, and policy are improved," it said.