DOT Targeted by Spearphishing Campaign

This is odd to me in that it was reported in the papers, and secondly, that the Department of Transportation has been targeted by spearphishers, as opposed to some other more important government agency.

But what it most likely means is that many government agencies have been similarly targeted and affected.  We already know that the same things happened to DoD units.  This could indicate a general overall cyber attack is targeting our government infrastructure.

From Reuters here:

Hackers stole information from the Department of Transportation and several U.S. corporations by seducing employees with fake job-listings on ads and e-mail, a computer security firm said on Monday.
 
The list of victims included several companies known for providing security services to government agencies.

They include consulting firm Booz Allen, computer services company Unisys Corp., defense contractor L-3 communications, computer maker Hewlett-Packard Co. and Hughes Network Systems.

A piece of software, NTOS.exe, probes the PC for confidential data, then sends it to a Web site hosted on Yahoo Inc.. That site’s owner is likely unaware that it is being used by hackers, Morris said.

That Web site hosts data that had been stolen from more than 1,000 PCs and encrypted before it was posted on the site.

So what kind of information would be important within the DoT that hackers would want access to?  Probably configuration information for the network so the attacker can gain wider access-  but more importantly, access to security information about highways, bridges, railways, trucking and other critical infrastructure information.

And just who is behind this attack?  Who would benefit from access to this information?  Terrorist organizations?  Al Queda?  I hope the FBI finds out quickly.