Threat Management, Incident Response, TDR

PA state website attack traced to China

Chinese hackers are believed to have compromised several pages on the Pennsylvania state government website but were stopped before they could lift any sensitive data or spread malware.

The intruders gained access Friday to the webpages of four state agencies: the Education, Labor and Industry, Lottery and Military and Veterans Affairs departments, said Mia DeVane, a spokeswoman for the state Office of Administration.

The source of the attack was traced to a domain registered in China, she told SCMagazineUS.com today.

Allen Paller, director of research for the SANS Institute told SCMagazineUS.com today that Chinese hackers have moved beyond familiar government targets.

"The pattern we're seeing is a spread beyond the Department of Defense and the defense industrial base," he said today..

However, Paller was not sure whether this spate of attacks is related to reported state-sponsored attacks on America's defense infrastructure, including the Pentagon and Oak Ridge National Laboratory, a Department of Energy facility.

"Either it's a different group, not the Chinese military, or they've come up with a reason why they want state data as well," he said.

Friday's attack prompted the state to shut down its website from about 9:30 a.m. to 5:30 p.m. EST, DeVane said, adding that she did not know the hackers' motive.

"It's not uncommon that folks try to get in with domains from China and Russian and Eastern Europe," she said. "I do know there were several states that experienced the same situation (on Friday)."

Chinese hackers were widely blamed for cyberattacks on the Pentagon and State Department in 2006.

DeVane credited Pennsylvania's strong security posture with being able to fend off the attacks. She said she did not have other information regarding the attacks on other states, which she declined to identify.

"We have all the latest and greatest virus and security protections in place," she said. "That's why we were able to catch it early."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.