The Pentagon suffered a "sophisticated cyberattack" that was aimed at its Joint Staff unclassified email system.
According to U.S. officials, the attack took place around the 25th of July and has caused the email system to be shut down for two weeks, impacting around 4,000 military and civilian personnel that work for the Joint Chiefs of Staff.
The cyberattack is said to have relied upon an automated system that rapidly gathers large amounts of data before distributing it to thousands of accounts on the Internet.
It is suspected that Russian hackers are to blame for the attack that took place via encrypted accounts on social media.
Once the attack was detected, the Pentagon shut down the entire unclassified email system and Internet, which is only expected to be back online by the end of this week.
Haiyan Song, SVP, Security markets, Splunk, said: "These attackers took enough data in a few minutes to shut down a vast email system for two weeks — the ramifications of which may not be fully known.
"While shutting down the system was a good isolation measure, you can be assured security teams are investigating further to understand the scope of this attack. When credentials get stolen, additional and more damaging attacks are inevitable. This is why being ready is so critical. Speed of detection and response is the only true defence.
"We cannot keep having the same weekly conversation about cybersecurity. It is well known that cyber space is the new front line. If we are not better prepared, we will continue to see stories like this play out, and there will be ongoing threats to national security.
"It is the responsibility of government and industry to work together and find comprehensive policy and technology solutions that better equip agencies’ security teams."
This isn’t the first time that government files have been the focus of attacks and yet again it is suspected that a foreign state could be behind it. A U.S. official told NBC News: "It was clearly the work of a state actor."
It has been stressed that no classified information was seized or compromised and that only unclassified accounts and emails were hacked.
