Dive Brief:
- The U.S. State Department suffered an email breach, first reported by Politico, which obtained a notice marked "sensitive but unclassified" from Sept. 7. The notice confirmed an "activity of concern" in the Department's unclassified email system, though its impact reached less than 1% of employee inboxes. No attacker has been identified.
- Following the breach, Sen. Ron Wyden, D-OR, released a letter saying "at least one major technology company" informed government officials that personal accounts and devices are targets of adversarial activity.
- The senator said he is introducing legislation to allow the U.S. Senate Sergeant at Arms to offer cybersecurity assistance to Senate members and their staffs in the form of an opt-in solution.
Dive Insight:
The federal government struggles with its cybersecurity workforce, but not for a lack of trying. Officials have said finding the talent they need in security is easy; retaining it is hard.
Even leadership in federal technical roles has been finicky over the last 18 months. The State Department's CIO, Frontis Wiggins, retired late last year, and Karen Mummaw has been the agency's acting CIO since.
Before Wiggins retired, the State Department struggled to achieve adequate grades in the Federal Information Technology Acquisition Reform Act (FITARA), a scorecard put in place to aid the authority and progress of federal IT CIOs. On the latest scorecard, published in May, the Department had a low "D-."
The agency earned its highest score in CIO authority enhancement, but received failing scores for software licensing and cyber.
"Breaches should be expected where there is a failure to maintain a robust security posture," Jacob Serpa, product marketing manager at Bitglass, told CIO Dive.
The government has to compete with the salaries and more innovative opportunities that the private sector offers. As a result, the public sector's cybersecurity is where it was five or six years ago, according to Michele Thomas, CISO of the Department of Transportation, speaking at an event in Washington last month.
As noted by several federal CISOs, adversaries are attempting slow-bleed attacks masked by seemingly small and insignificant actions. This tactic is common for attackers searching for a way into a system and looking to experiment with exploits.
Using methods that "appear fairly innocuous," hackers are equipping themselves to carry out a larger-scale attack, said Serpa. Training employees, enacting multi-factor authentication methods and using behavior analytics tools help stop suspicious activity at first detection.