14 DAY TRIAL // A contractor for the Department of Homeland Security (DHS), the US Investigation Services (USIS), identified signs of intrusion on its systems and officials believe that the incident may have been perpetrated by operators from another government.
The organization is a commercial provider of background investigations for the federal government and performs verifications for DHS employees and applicants.
According to a statement from the organization, released on Wednesday, as soon as the attack was identified, federal law enforcement was informed of the incident along with other agencies and the Office of Personnel Management (OPM).
USIS also contracted an independent team of forensics experts to help with determining the extent of the breach and learning about the purpose of the attackers. Based on the current information, the experts have reason to believe that the incident “has all the markings of a state-sponsored attack.”
In the statement provided on their website, USIS said that because of the ongoing investigation additional details could not be provided at that moment.
“Our systems and people identified this attack, and, in response, we are working alongside OPM, the Department of Homeland Security (DHS) and federal law enforcement authorities in redoubling our cyber security efforts,” added the company.
But additional information is provided by the Department of Homeland Security, via Washington Post. Officials told the newspaper that some DHS personnel may have been affected by the breach.
When sending the data to USIS, DHS encrypts it, but there is no certainty that the information remains protected and no clear answer can be given about what has transpired from the company’s systems.
Information, especially as sensitive as that about government employees, should benefit from encryption protection both when in transit and when stored on the server. As expected, USIS is offering their full cooperation in the investigation.
An investigation of the breach is also carried out by the Office of Personnel Management (OPM) in cooperation with US CERT (Computer Emergency Readiness Team) in order to find out the exact circumstances of the incident and the threat actors behind it.
As a result of the breach, OPM and the Department of Homeland Security have suspended their work with USIS on employee security background verifications.
USIS has over 5,700 employees that provide services both in the United States and overseas. The company is also the one that ran background checks on NSA whistleblower Edward Snowden. They were also the ones vetting Navy Yard shooter Aaron Alexis.