Russian cyber-attack: Russian Hackers Targeted Microsoft, US nuclear agency, and also three states
As part of a suspected Russian cyber-attack that struck a variety of federal government entities, the U.S. nuclear weapons agency, and at least three states were hacked. Reuters claimed that Microsoft Corp. was also abused, but the firm denied that the tools were used to target others further.
According to a source familiar with the matter, the Energy Department and the National Nuclear Security Administration, which oversees America’s nuclear arsenal, were attacked as part of the broader attack. Shaylyn Hynes, a Department of Energy spokesperson, said in a statement that the hack did not involve “mission-essential national security functions,” an ongoing inquiry has found.
Hynes said that at this point, the investigation showed that only business networks were isolated from the malware. Politico has recently confirmed the targeting of the nuclear agency. Microsoft spokesman Frank Shaw said that “in our environment, which we isolated and removed,” the organization had discovered malicious technology.
“We have not found evidence of access to production services or customer data,” he said in a tweet.
Furthermore, two sources familiar with the wider government investigation into the attack said that three state governments were violated, but the states would not be named. A third person familiar with the investigation reported that they hacked state governments but did not have a figure.
The Cybersecurity and Infrastructure Security Agency said the hackers posed a grave hazard to federal, state, and local agencies, as well as sensitive infrastructure and the private sector, in an advisory Thursday that indicated the widening concern about the breach. The department said that the attackers showed “sophistication and complex tradecraft.”
While President Donald Trump has yet to address the hack publicly, President-elect Joe Biden stated on Thursday on what seems to be a major cybersecurity violation that potentially impacts thousands of victims, including U.S. corporations and federal government agencies.
Russia has denied any role in the operation.
Hynes, the spokeswoman for the Department of Energy, said attempts were quickly made to minimize the danger from the breach, including disconnecting the “identified as vulnerable to this attack” program.
While several specifics are still unknown, according to the organization and cybersecurity analysts, the hackers are suspected to have obtained access to networks by inserting malicious code in a commonly deployed software package from SolarWinds Corp., whose clients include government agencies and Fortune 500 enterprises. According to a source familiar with the matter, the Homeland Security, Treasury, Commerce, and State departments were violated.
“This is a patient, well-resourced, and focused adversary that has sustained long duration activity on victim networks,” the cybersecurity agency said in its bulletin.
