The United States Department of Energy is the latest agency to ensure that it is violated in what is being described as the worst incident ever to take place in the US government.
The department is responsible for handling American nuclear weapons, but said that the security of the weapons was not compromised.
Microsoft giant Microsoft also said on Thursday it had detected malicious software in its programs.
Many suspect that the Russian government is responsible. Denied any role.
The U.S. Treasury Department of Finance and Commerce is one of a number of months-long criminal violations, first approved by officials on Sunday.
US Government’s Response
President Donald Trump is yet to comment on the cyber attack.
Meanwhile, U.S. President-elect Joe Biden has vowed to make cyber security a “priority” in his administration.
“We have to disrupt and prevent our opponents from attacking in the first major attack,” he said. “We will do that, among other things, at great cost to those who are subjected to vicious attacks, including working with our partners and our partners.”
The top US cyber agency, the Cybersecurity and Infrastructure Agency (Cisa), issued a stern warning on Thursday, saying dealing with the entry would be “very complicated and challenging”.
He said “critical infrastructure” had been damaged, government agencies and private companies were at risk, and the damage was in serious danger.
The burglary began at least in March 2020, and those responsible for it “showed patience, operational safety, and sophisticated trade”, Cisa said.
The organization did not identify any information that was stolen or disclosed.
Commenting on the attack on the Department of Energy, Department spokeswoman Shaylyn Hynes confirmed that it was being held accountable for cyber violations but said “this malware is restricted to businesses only”.
He said security operations at the National Nuclear Security Administration (NNSA), which oversees US nuclear weapons, had not been affected.
The list of who has been hacked is already long – and will pass. These are still the earliest, and bizarre, days of investigation as government departments, companies, and organizations rush to see if they have a back room in their plans and what could be stolen in months.
The scale may be huge, but the truth is no one is sure of the impact yet. So far, this seems to have been an old spy – intentional data theft. There is not much evidence yet that hackers were planning to disrupt systems or cause real damage to the world, though that could still happen.
That also makes it harder for the US to respond – after all, intelligence is something you have always done. The problem is that in this case the US defense was wrong to detect and block those who were experiencing it.
Whats Known About The Hacks?
“There is a lot we don’t know yet, but what we do know is a very serious matter,” said President-elect Biden.
The smugglers are known to have at least some of the details of various US government departments including government, defense, national security, treasury and trade, Reuters news agency reports.
Cisa said the perpetrators were able to break into computer networks using a software management network developed by Texas-based IT company SolarWinds.
Up to 18,000 SolarWinds Orion customers download updates containing malicious software installed by hackers.
All U.S. NGOs were told to remove SolarWinds from their servers earlier this week as a result.
Cisa said on Thursday it was investigating “evidence of access to other accessors, other than the SolarWinds Orion platform”.
Microsoft has identified more than 40 of its clients targeted by cyberattacks, including government agencies, think tanks, non-governmental organizations and IT companies. About 80% of these were in the United States, while the rest were in Canada, Mexico, Belgium, Spain, the UK, Israel and the UAE.
The company’s president Brad Smith said the attack was “remarkable for its breadth, selfishness and impact”.
“This is not a ‘spy as usual,’ even in the digital age,” he wrote in a blog post. “Instead, it represents an act of negligence that has created a major technological threat in the United States and the world.”
No Cisa or the FBI has publicly stated who he believes is responsible for the attack, but private security companies and officials quoted in US media have pointed the finger at Russia.
The Washington Post has accused a Russian hacking group called Cozy Bear or APT 29, which has links to local spy agencies. The newspaper reported that the same Russian group hacked the State Department and the White House email servers during Barack Obama’s presidency.
In a statement shared on social media on Monday, the Russian ambassador to the US said he was “not continuing to attack the cyber domain”.
“Malicious activities in the information space contradict the principles of the Russian foreign policy, national interests and our understanding of interstate relations,” the embassy said.