“Given indicators of suspicious activity, elements of our cyber workforce isolated the Joint Staff unclassified network from the larger Department of Defense information network and the Internet,” Henderson stated. “Isolating the Joint Staff network, enabled us to conduct a systematic process to hunt for adversaries, mitigate any malicious activity, confirm network security and integrity and further harden defenses.”
Several media reports pointed to the Russian government or independent Russian hackers behind the attack, but the Defense Department declined to point to a culprit citing “operational security reasons.”
Henderson noted while any cyberattack on Defense Department systems is “troubling,” each attempt of hackers to intrude on its networks “offers a learning opportunity to improve” cyber defenses against future attacks.
No classified or sensitive information has been accessed in the cyberattack on the unclassified system, which is used by the US military’s top leaders, including the Chairman of the Joint Chiefs.
