U.S. Navy/Mass Communication Specialist 1st Class Tommy Lamkin
In 2012, Iranian hackers managed to penetrate the US Navy’s unclassified administrative network, the Navy Marine Corps Intranet.
While the attack was disclosed last September, the scale of it was not—the attack gave hackers access to the NMCI for nearly four months, according to an updated report by The Wall Street Journal.
Vice Adm. Michael Rogers, who is now President Barack Obama’s choice to replace Gen. Keith Alexander as both NSA director and commander of the US Cyber Command, led the US Fleet Cyber Command when the attack came to light. Rogers’ response to the attack may be a factor in his confirmation hearings.
Iranian hackers attacked NMCI in August of 2012, using a vulnerability in a public-facing website to gain initial access to the network. Because of a flaw in the security of the network the server was hosted on, attackers were able to use the server to gain access to NMCI’s private network and spread to other systems.
While the vulnerability that allowed the attackers to gain access in the first place was discovered and closed by October, spyware installed by the attackers remained in place until November.