Pentagon officials last week cut off employee access to private webmail after a malicious, pervasive email campaign was spotted.
Employees could not log on to commercial webmail services from the military’s network for about 48 hours beginning Thursday night, according to the Defense Department. The Defense Information Systems Agency, which operates the Department of Defense Information Network, severed connections, by direction of U.S. Cyber Command.
Defense restored access over the weekend.
“The decision to temporarily block commercial webmail services was a result of a recent, widespread phishing effort,” agency spokesman Jeffrey Capenos told Nextgov in an email Wednesday.
Decision to temporarily block commercial webmail services was a result of a recent, widespread phishing effort
He declined to comment on whether the adversaries disrupted or compromised any systems, but said the agency routinely fights well-resourced threats.
“Given any indicators of suspicious activity,” Pentagon cyber pros have systematic procedures in place and, “as appropriate, mitigate malicious activity, confirm network security and integrity, and further harden defenses,” Capenos said.
“DOD cyber forces counter thousands of adversarial cyber efforts daily, and in the highly contested domain of cyberspace, we remain focused on aggressively preventing, mitigating and maintaining resilience against increasingly sophisticated efforts,” he said.
The military was rattled by a successful targeted “spearphishing” attack last summer. In July, hackers tricked Joint Staff personnel into opening emails that helped a nation state, reportedly Russia, penetrate a Pentagon unclassified network.