The US Department of Justice confirmed Wednesday that hackers who broke into software company SolarWinds had assessed its email systems, another indication of the severity of the breach that has rocked Washington.
The scale of the attack on the justice department was not immediately clear, but it could be significant. The department, which has more than 100,000 employees in a number of law enforcement agencies including the FBI, the Drug Enforcement Agency and the U.S. Marshals Service, said in a statement that 3% of its Office 365 mailboxes.
The statement went on to say that the Justice Department had no indication that any classified system was affected. But gaining access to thousands of email inboxes from the country’s leading law enforcement organization could still provide an intelligence bonanza for foreign hackers.
The department plays a key role in rooting out foreign spies, enforcing sanctions, and fighting corruption. The department has recently taken increasingly aggressive actions against foreign hackers, revealing a series of accusations against Russian, Chinese and Iranian cyberspaces in the run-up to the US presidential election two months ago.
A spokesman for justice, Marc Raimondi, refused to give a precise figure for the number of mailboxes attacked.
The statement said the justice department’s chief information officer’s office discovered the breach the day before Christmas, weeks after the first reports emerged that hackers suspected of acting on behalf of Russia had broken into government networks in Russia. U.S.
Russia has denied responsibility for the piracy campaign, which has been described as one of the most sophisticated operations discovered in years. But on Tuesday, the office of the US director of national intelligence said Russia was likely behind the attack in the Trump administration’s first formal attribution statement.
Hackers were able to gain access to a swath of government agencies by tampering with network monitoring software sold by Austin-based SolarWinds.
In a joint statement, the national intelligence office, the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security said the actor, “probably of Russian origin, is responsible for the majority or of all the recently discovered, ongoing cyber compromises of governmental and non-governmental networks ”.
The investigation continues, they said, and could find more government victims. As of now, the aim of the hackers seemed to be gathering intelligence, rather than destructive acts.
Fewer than 10 government agencies were affected, the director of national intelligence said, but did not specify how many.
Cybersecurity experts have said that a full recovery from breaches could take months, or even longer.
George is Digismak’s reported cum editor with 13 years of experience in Journalism