The Department of Justice and the federal court system announced Wednesday that they were among dozens of U.S. government agencies and private enterprises compromised by a massive, one-month cyber-espionage campaign that U.S. officials have linked to elite Russian hackers.
The extent of the damage was unclear.
The department said 3% of its Microsoft Office 365 email accounts may have been affected, but did not say to whom the accounts belong. There are no indications that classified systems have been affected, the agency said. Office 365 is not just email but also a collaborative computing environment, which means that shared documents were definitely accessed as well, said Dmitri Alperovitch, former chief technical officer of cybersecurity firm CrowdStrike.
Separately, the Administrative Office of the U.S. Courts has informed federal judicial bodies across the country that the courts' nationwide case management system has been breached. This may have given the hackers access to sealed court documents, the contents of which are very sensitive.
The Justice Department detected “previously unknown malicious activities” on December 24 related to the broader intrusions of federal agencies that were uncovered earlier this month, according to a statement from Marc Raimondi.
Separately, the court office said on its website that an “apparent compromise” of the U.S. Judiciary’s case management and electronic case system is being investigated.
The Department of Homeland Security has sought the system, saying it poses a particular risk to sealed court documents, the disclosure of which could jeopardize much more than active criminal investigations.
“The potential reach is huge. The actual reach is probably significant,” said a federal court official who spoke on condition of anonymity because they were not authorized to disclose the information. The official confirmed that the extent of the compromise was national, but it was not clear how widespread it was.
The sealed court documents, if indeed breached, could contain information on national security, trade secrets and eavesdropping transcripts, along with financial data from bankruptcy cases and the names of confidential informants in criminal cases, the official added.
On Tuesday, federal law enforcement and intelligence agencies formally implicated Russia in the incursions, calling them part of a suspected intelligence-gathering operation. President Donald Trump earlier questioned the consensus and suggested without foundation that China could be to blame.
The hacking campaign was extraordinarily large, with the intruders moving for months through government agencies, including the Treasury and Commerce departments, defense contractors, and telecommunications companies.
Experts believe that the foreign agents had enough time to collect data that could do a lot of damage to U.S. national security, although the extent of the breaches and the exact information sought are unknown.
An estimated 18,000 organizations were hit by malicious code carried in popular network management software from an Austin, Texas, company called SolarWinds. Only a subset is suspected to have been compromised. Tuesday’s statement said fewer than 10 federal government agencies had been identified so far.
Thomas Rid, a cyber espionage expert at Johns Hopkins, said that the 3% figure for the email accounts accessed at Justice may not sound like much, but that it does not mean the hackers did not get the interesting things.
Cybersecurity experts responding to the hack say spies of the caliber behind the SolarWinds hack tend to keep their footprint as small as possible to avoid detection, and target only high-value emails and documents.
Rid wondered how confident the Department of Justice could be about the extent of the compromise.
“How good is their own visibility, since the US government agencies completely missed the offense in the first place?” he said. “Is this really on top of the problem? Do we just see the tip of the iceberg?”
The breach was discovered by FireEye, a prominent cybersecurity company, on its network. It subsequently identified and notified other victims.
Experts expect the severity of the hack and the number of victims identified to increase over time.
“History tells us that if you have a major offense, not just in one organization but also in an entire government – an entire sector – it will take a long time to identify who the victims are and how badly they are compromised,” Rid said.
Microsoft declined to comment on the intruders reading email in the Justice Department's Office 365 environment, which is usually a cloud-based service offered by the software vendor.
Bajak reported from Boston. Associated Press authors Mark Sherman in Washington and Maryclaire Dale in Philadelphia contributed to this report.