Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Justice Department Says Russians Hacked Federal Prosecutors

The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said.

The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said.

The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. All told, the Justice Department said 27 U.S. attorney offices had at least one employee’s email account compromised during the hacking campaign.

The Justice Department said in a statement Friday that it believes the accounts were compromised from May 7 to Dec. 27, 2020. Such a timeframe is notable because the SolarWinds campaign, which infiltrated dozens of private-sector companies and think tanks as well as at least nine U.S. government agencies, was first discovered and publicized in mid-December.

The Biden administration in April announced sanctions, including the expulsion of Russian diplomats, in response to the SolarWinds hack and Russian interference in the 2020 U.S. presidential election. Russia has denied wrongdoing.

Jennifer Rodgers, a lecturer at Columbia Law School, said office emails frequently contained all sorts of sensitive information, including case strategy discussions and names of confidential informants, when she was a federal prosecutor in New York.

“I don’t remember ever having someone bring me a document instead of emailing it to me because of security concerns,” she said, noting exceptions for classified materials.

The Administrative Office of U.S. Courts confirmed in January that it was also breached, giving the SolarWinds hackers another entry point to steal confidential information like trade secrets, espionage targets, whistleblower reports and arrest warrants.

The list of affected offices include several large and high-profile ones like those in Los Angeles, Miami, Washington and the Eastern District of Virginia.

Advertisement. Scroll to continue reading.

The Southern and Eastern Districts of New York, where large numbers of staff were hit, handle some of the most prominent prosecutions in the country.

“New York is the financial center of the world and those districts are particularly well known for investigating and prosecuting white-collar crimes and other cases, including investigating people close to the former president,” said Bruce Green, a professor at Fordham Law School and a former prosecutor in the Southern District.

The department said all victims had been notified and it is working to mitigate “operational, security and privacy risks” caused by the hack. The Justice Department said in January that it had no indication that any classified systems were affected.

The Justice Department did not provide additional detail about what kind of information was taken and what impact such a hack may have on ongoing cases. Members of Congress have expressed frustration with the Biden administration for not sharing more information about the impact of the SolarWinds campaign.

The Associated Press previously reported that SolarWinds hackers had gained access to email accounts belonging to the then-acting Homeland Security Secretary Chad Wolf and members of the department’s cybersecurity staff, whose jobs included hunting threats from foreign countries.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.