Federal Agencies Hacked

FILE - In this June 14, 2018, file photo, the FBI seal is seen before a news conference at FBI headquarters in Washington. The U.S. government on Tuesday, Jan. 5, 2021, said a devastating hack of federal agencies is “likely Russian in origin” and said the operation appeared to be an “intelligence gathering” effort. The assessment was disclosed in a rare public statement from the FBI and other investigative agencies. (AP Photo/Jose Luis Magana, File)

WASHINGTON — The Justice Department and the federal court system disclosed on Wednesday that they were among the dozens of US government agencies and private businesses compromised by a massive cyberespionage campaign that US officials have linked to elite Russian hackers.

The extent of the damage was unclear.

The department said that 3% of its Microsoft Office 365 email accounts were potentially affected, but did not say to whom those accounts belonged. There are no indications that classified systems were affected, the agency said. Office 365 isn’t just email but a collaborative computing environment, which means that shared documents were also surely accessed, said Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike.

Separately, the Administrative Office of US Courts informed federal judicial bodies across the nation that the courts’ nationwide case management system was breached, potentially giving the hackers access to sealed court documents.

The Justice Department said that on Dec. 24 it detected “previously unknown malicious activity” linked to the broader intrusions of federal agencies revealed earlier that month, according to a statement from spokesman Marc Raimondi.

Separately, the court office said on its website that “an apparent compromise” of the US judiciary’s case management and electronic case file system was under investigation.

The Department of Homeland Security was scouring the system, it said, and cited a particular risk to sealed court filings, whose disclosure could jeopardize active criminal investigations.

“The potential reach is vast. The actual reach is probably significant,” said a federal court official who spoke on condition of anonymity because they were not authorized to disclose the information. The official confirmed that the scope of the compromise was national but it was not clear how widespread.

On Tuesday, federal law enforcement and intelligence agencies formally implicated Russia in the intrusions, calling them part of a suspected intelligence gathering operation. President Donald Trump had previously questioned that consensus, suggesting without foundation that China could be to blame.

The hacking campaign was extraordinary in scale, with the intruders stalking through government agencies including the Treasury and Commerce departments, defense contractors and telecommunications companies for months by the time the breach was discovered.

Experts say that gave the foreign agents ample time to collect data that could be highly damaging to US national security, although the scope of the breaches and exactly what information was sought is unknown.

An estimated 18,000 organizations were seeded with malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds.
