U.S. intelligence agencies warn cyber attack on government ongoing
"This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government," the FBI, the director of national intelligence and the Cybersecurity and Infrastructure Security Agency said in a joint statement.
The March attack on software created by Texas based SolarWinds in which hackers installed malware continued for months until it was discovered by cybersecurity company FireEye. Both companies have pointed the finger at hackers linked to the Russian government.
Hackers reportedly breached software used by the U.S. Treasury Department and the Commerce Department, allowing them to view internal email traffic.Â The agencies did not confirm the targets of the cyber attack.
U.S. Secretary of State Mike Pompeo also pointed to Moscow on Monday, saying the Russian government had made repeated attempts to breach U.S. government networks.
SolarWinds said up to 18,000 customers, which included government agencies and Fortune 500 companies, had downloaded the compromised software updates, allowing hackers to spy on email exchanges. The content the hackers sought to steal and how successful they were remains unknown at this time.
The FBI said it has opened an investigation to identify and pursue those responsible for the hack. After the attack was detected, CISA ordered federal agencies to power down the breached software. The agencies have created a coordination unit and emergency talks are being held at the White House on a daily basis to discuss the government's response.
U.S. National Security Adviser Robert O'Brien cut short a trip to the Middle East and Europe this week to deal with the fallout from the hack. ■