A government laptop used by Secretary of Commerce Carlos Gutierrez may have been breached during a visit to Bejing last December.
U.S. authorities are investigating whether Chinese officials secretly copied information from Gutierrez's laptop and then tried to hack into Commerce Department computers, according to published reports.
The laptop was left unattended during the trip, and it is believed the content was copied at that time, reports said.
Since December, the U.S. Computer Emergency Readiness Team (US-CERT) has been called in to work on Commerce Department computers at least eight times; three of those calls were allegedly in response to possible data security break-ins.
The incident is under investigation.
The Office of Management and Budget (OMB) has issued mandates that all government laptops should have disk encryption and requires the use of two-factor authentication for remote access, said John Pescatore, vice president and distinguished analyst at Gartner.
“If the secretary of commerce had these installed on his laptop and if he was not logged in when the laptop was left unattended, the damage would be minimal -- no information loss would have occurred and no useful passwords could have been obtained,” Pescatore told SCMagazineUS.com on Monday.
If the laptop was not encrypted and/or if the Commerce Department does not use two-factor authentication for remote access, he added, then very serious compromises could have occurred, including: All files and email messages could have been exposed; malicious software could have been installed; all reusable passwords could have been compromised and if remote access to Department of Commerce systems were performed during the unattended period, much deeper compromises could have occurred.
“This is why encryption, login timeout timers and two-factor authorization is so important,” he said.
A department spokesperson could not be reached for comment.