US government agencies hacked; Russia a possible culprit
Hackers broke into the networks of federal agencies including the Treasury and Commerce departments in attacks revealed just days after U.S. officials warned that cyber actors linked to the Russian government were exploiting vulnerabilities to target sensitive data.
The FBI and the Department of Homeland Security’s cybersecurity arm are investigating what experts and former officials said appeared to be a large-scale penetration of U.S. government agencies.
“This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch.
The hacks were revealed just days after a major cybersecurity firm disclosed that foreign government hackers had broken into its network and stolen the company’s own hacking tools. Many experts suspect Russia is responsible for the attack against FireEye, a major cybersecurity player whose customers include federal, state and local governments and top global corporations. The apparent conduit for the Treasury and Commerce Department hacks — and the FireEye compromise — is a hugely popular piece of server software called SolarWinds. It is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. government agencies who will now be scrambling to patch up their networks, said Alperovitch, the former chief technical officer of the cybersecurity firm CrowdStrike. The attacks were disclosed less than a week after a National Security Agency advisory warned that Russian government hackers were exploiting vulnerabilities in a system used by the federal government, “allowing the actors access to protected data.”
The U.S. government did not publicly identify Russia as the culprit behind the hacks, first reported by Reuters, and said little about who might be responsible.