Computer hackers who breached the State Department's unclassified e-mail network this past November reportedly are still there, despite efforts to root them out.
The Wall Street Journal, citing three people familiar with the investigation, reported that government officials, including the National Security Agency and the FBI, as well as outside contractors have repeatedly scanned the network for intruders and have even taken some systems offline. However, the paper reported that investigators still see signs of hackers in the network.
Among the issues facing investigators trying to purge the State Department network of the intruders, according to the Journal, is its sheer size, as well as the fact that some of the hackers are apparently trying to regain access to the system using altered versions of their original code. It is not clear how much data, if any, has been taken by the intruders, and there is no evidence that they have access any classified networks.
"We deal successfully with thousands of attacks every day," State Department spokeswoman Marie Harf told the Journal in a written statement. "We take any possible cyber intrusion very serious—as we did with the one we discussed several months ago—and we deal with them in conjunction with other relevant government agencies."
There has also been no official determination about who was behind the original breach. However, five people connected with the probe told the Journal that they had seen evidence suggesting involvement by the Russian government. Those people cited similarities between the malware used in the State Department breach and other hacking tools linked to Moscow. Two people also said that the hackers had taken State Department emails concerning the ongoing crisis in Ukraine.
At the time of the original breach in November, the State Department said that it believed the activity was linked to attacks on the White House computer network that were made public the previous month. In the intervening period, a number of agencies, including the U.S. Postal Service and the National Weather Service, also reported attacks on their networks.
Earlier this week, the Russian-based Kaspersky Lab released a report claiming to detail NSA spying on Russia and other countries. The NSA had no comment on that report.