The US Department of Energy, the agency that helps regulate our power grid, nuclear arsenal, and national labs, has been hacked 159 times between 2010 and 2014, according to a review of federal records obtained by USA Today.
The records, which USA Today acquired through the Freedom of Information Act, paint a picture of an agency under constant siege, with 1,131 attempted cyberattacks reported during a 48 month period. 159 of those attempts appear to have been successful.
Information on the exact nature of the attacks was redacted before the records were released, and DOE officials wouldn’t comment on whether any sensitive data related to the nation’s power grid or nuclear weapons stockpile had been accessed or stolen.
Cybersecurity experts aren’t very surprised by the news, saying that until federal agencies take steps ensure adequate security policies and procedures are implemented, these sorts of attacks will continue unabated.
“The Department of Energy has all the same problems as just about every other agency, the same problems that were highlighted” Tenable Network Security strategist Cris Thomas told Homeland Security Today, referencing the massive hack into OPM computers earlier this summer that saw 22 million Social Security numbers stolen.
“Basic fundamental security practices are either not properly implemented, not enforced or just plain missing,” Thomas continued. “The overall state of insecurity at the DOE was revealed by a report released by the Office of Inspector General just last year which found numerous default or easily guessed passwords on user workstations among other issues. These were some of the same exact problems that were found at OPM.”