Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Justice Department Says It’s Been Affected by Russian Hack

The Justice Department disclosed on Wednesday that it was among the federal agencies harmed by a massive breach of government networks that U.S. officials have linked to Russia.

The Justice Department disclosed on Wednesday that it was among the federal agencies harmed by a massive breach of government networks that U.S. officials have linked to Russia.

The extent of the damage was unclear. The department said that 3% of its Microsoft Office 365 email accounts were potentially affected, but did not say to whom those accounts belonged. There are no indications that classified systems were affected, the agency said.

The department said it detected on Dec. 24 “previously unknown malicious activity” linked to the broader intrusions of federal agencies revealed earlier that month, according to a statement from spokesman Marc Raimondi.

The statement came one day after federal law enforcement and intelligence agencies formally implicated Russia in the intrusions, which officials said were part of a suspected intelligence gathering operation. President Donald Trump had previously raised without evidence the idea that China could be to blame.

Continuous Updates: Everything You Need to Know About the SolarWinds Attack

The hacking campaign was extraordinary in scale, with the intruders having stalked through government agencies, defense contractors and telecommunications companies for months by the time the breach was discovered. Experts say that gave the foreign agents ample time to collect data that could be highly damaging to U.S. national security, though the scope of the breaches and exactly what information was sought is unknown.

An estimated 18,000 organizations were affected by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds. Of those customers, though, “a much smaller number has been compromised by follow-on activity on their systems,” the statement said, noting that fewer than 10 federal government agencies have so far been identified as falling into that category.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...