The National Oceanic and Atmospheric Administration reported that it was performing "unscheduled maintenance" on its servers on October 20th. According to the Washington Post's inside source, NOAA was actually breached by hackers and trying to figure out how exactly they got in.
And that investigation didn't take very long, either. Another source close to NOAA compared the government agency's security protocols to be the digital equivalent of a "screen door." It keeps the mosquitoes out, but one kick will breach it entirely.
What does NOAA do and why should we be concerned it was hacked? First, from the official NOAA website:
From daily weather forecasts, severe storm warnings and climate monitoring to fisheries management, coastal restoration and supporting marine commerce, NOAA’s products and services support economic vitality and affect more than one-third of America’s gross domestic product. NOAA’s dedicated scientists use cutting-edge research and high-tech instrumentation to provide citizens, planners, emergency managers and other decision makers with reliable information they need when they need it.
Using NOAA, hackers apparently got access to American satellites — which are available for public viewing on the organization's website — but the satellites also contain data about the U.S.'s "environmental intelligence" that isn't reported to the general public.
This is the second attack with Chinese origins that has targeted U.S. government servers in a month or so, which could indicate that China is employing a cyberespionage team similar to the one working for Russian intelligence agencies.
Both the Chinese embassy and NOAA itself deny that the attack originated from China.
Despite NOAA and the Chinese embassy's denials, Rep. Frank R. Wolf (R-Va.) blew the whistle on the hack.
"NOAA told me it was a hack and it was China," Wolf told the Washington Post. He accused NOAA of "deliberately misleading the public in their replies."
I can't argue with him. NOAA had its servers breached, vulnerabilities exposed and refused to fess up to the people that it serves. Not only that, but the only real way to stop hacking is through awareness. If the hacks against the USPS and NOAA are actually connected, then the sooner other agencies can prepare for the next wave the better.
Even Yahoo was brave enough to come out and say that its servers were breached by hackers. I hope that more institutions, especially the federal government, adopt that policy.