Suspected Russian hackers broke into key government departments and gained access to internal emails.
Highly-sophisticated cyber attacks on federal departments including Treasury and Commerce reportedly prompted The National Security Council to meet on Saturday.
Several sources told Reuters that security services believe Russian hackers were behind the attack.
News of the attacks emerged less than a week after The National Security Agency warned that “Russian state-sponsored actors” were exploiting weak spots in a system used by US federal agencies.
The security breaches are thought to be part of a wider campaign of cyberwarfare linked to the recent attack on US cybersecurity firm FireEye.
Suspected Russian hackers have infiltrated several key parts of the US government, including the Treasury and Commerce departments, in a “highly-sophisticated” and large-scale cyber attack which took place over several months.
The security breaches were so alarming that they prompted The National Security Council to meet on Saturday, Reuters reported and came less than a week after the National Security Agency warned that “Russian state-sponsored actors” were exploiting weak spots in a computer system used by US federal agencies.
“This is a much bigger story than one single agency,” a source familiar with the attack told Reuters.
“This is a huge cyber espionage campaign targeting the US government and its interests.”
Another source told Reuters that the security breaches were “highly-sophisticated,” with hackers successfully bypassing the Microsoft security software used by The National Telecommunications and Information Administration.
Tech expert and CrowdStrike co-founder Dmitri Alperovitch told AP that the breaches could amount to “one of the most impactful espionage campaigns on record.”
Hackers acquired access to internal emails at the Treasury and Commerce departments as part of an attack that also targeted several other government departments and national security agencies, The New York Times reported.
National Security Council spokesperson John Ullyot told the Times: “The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation.”
The Commerce Department confirmed that it had asked the FBI and the Cybersecurity and Infrastructure Security to investigate.
Three people familiar with the attack told Reuters that Russia was believed to be behind it, with the publication adding that two of the sources said it was linked to a wider foreign campaign of cyberwarfare that included the recent attack on Silicon Valley cybersecurity giant, FireEye. The company’s CEO Kevin Mandia last week said the tactics deployed by the hackers looked like those of “a nation with top-tier offensive capabilities,” but didn’t name potential perpetrators.
In a statement posted on social media, Russia’s embassy in the US denied allegations that Moscow was responsible for the attacks and criticised “unfounded attempts of the US media to blame Russia for hacker attacks on U.S. governmental bodies.”
While the news of the attacks emerged just last week, they had been underway since the spring, several several sources told The New York Times, meaning hackers were infiltrating the highest levels of US government during both the presidential election campaign and the Trump administration’s response to the coronavirus pandemic.
Hackers reportedly broke in by exploiting updates to SolarWind, an IT company used across the US government and military to manage networks, according to multiple reports. The company’s website says customers include the Office of President of the United States, the State Department, and the National Security Agency.
Read the original article on Business Insider