The U.S. Department of Justice on Wednesday confirmed that access to its email systems by hackers hacked at software company SolarWinds was another indication of the seriousness of the offense that shook Washington.
The extent of the cap at the Justice Department was not immediately clear, but it could be important. The department, which has more than 100,000 employees in a range of law enforcement agencies, including the FBI, the Drug Enforcement Agency and the U.S. Marshals Service, said in a statement that 3% of its Office 365 mailboxes may have been obtained.
The statement further said that the Department of Justice has no indication that any classified systems are affected. But gaining access to as many as thousands of e-mail boxes from the country’s leading law enforcement organization could still provide an intelligence bonanza for foreign hackers.
The department plays a key role in eradicating foreign spies, enforcing sanctions and fighting corruption. The department recently took increasingly aggressive action against foreign hackers and slashed a series of accusations against Russian, Chinese and Iranian cyber spies in the run-up to the US presidential election two months ago.
A spokesman for justice, Marc Raimondi, did not want to determine the exact number of mailboxes.
The statement said the intelligence chief’s office discovered the crime a day before Christmas, weeks after initial reports surfaced that hackers suspected of acting on behalf of Russia had broken into US government networks.
Russia has denied responsibility for the burglary campaign, which has been described as one of the most sophisticated operations in years. But on Tuesday, the office of the US director of national intelligence said that Russia was probably behind the hood in the first formal statement of attribution of the Trump administration.
The hackers were able to gain access to a range of government agencies by tampering with the network monitoring software sold by Austin-based SolarWinds.
In a joint statement, the National Intelligence Agency, the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency in the Department of Homeland Security said the actor, “probably of Russian origin, is responsible for most or all of the discovery, continuous cyber compromises of both government and non-government networks ”.
The investigation continues, according to them, and may turn up additional government victims. From now on, it seems that the hackers are gathering intelligence, rather than any destructive acts.
Less than ten government agencies were affected, the director of national intelligence said, but did not specify how many.
Cybersecurity experts said repairing the breaches could take months – or even longer.