Suspicious Russian hack of Native US Treasury Department emails has sparked fears among domestic intelligence agencies that other government agencies could be in danger.
Three unnamed sources known at the inquest told the Associated Press on Sunday that Russia was believed to be behind the cyber attacks. U.S. officials have not yet released details, including who is suspected of being behind the hack, without confirming that a breach has occurred. The Department of Commerce said one of its agencies had been targeted and that the FBI and the Cyber Security and Infrastructure Security Agency (CISA) were currently investigating the incident.
Two unnamed sources said on their website that hackers had infiltrated US organizations through updates released by Solar Winds, a software company based in Austin, Texas. In addition, the company serves the nation’s leading telecommunications providers and “more than 425 of the Fortune 500 in the US”.
Nicola Aspuri / Getty
Solar Winds’ vast network of federal clients has sparked fears among U.S. intelligence officials, and four unnamed sources have expressed fears that those agencies could also be at risk. “This is a much bigger story than a single company,” said one source familiar with the matter. “This is a huge cyber espionage campaign targeting the US government and its interests.”
On Sunday evening, Solar Winds said a “sophisticated, targeted and manual supply chain attack on a nation-state” could have infiltrated its software updates between March and June this year.
Hackers are suspected of using a method known as a “supply chain attack” in which malicious code is embedded in software updates issued to victims. Cyber spies are believed to have been indirectly monitoring emails from federal employees for several months after they entered the Microsoft 360 office platform of the National Telecommunications and Information Administration (NTIA).
The Russian government has refused to engage in suspicious attacks. In a statement shared on Facebook, the country’s foreign ministry said the allegations were “another unsubstantiated attempt by the US media to accuse US government officials of hacking Russia.”
“Russia will not carry out ‘offensive’ operations in a virtual environment,” the statement said. “The Russian Federation is actively promoting bilateral and multilateral cyber security agreements.”
One source briefly in this case asserted that the attacks were “a nation state”, while another called the hackers “very sophisticated”.
All sources spoke of anonymity due to the sensitivity of the violation. They say the official investigation is still at an early stage and more details may come out in the coming months.
Newsweek For more information on the investigation, contact the FBI.