The US Department of Commerce on Sunday confirmed a “security breach” in one of its offices, and federal agencies are investigating.
“We can confirm that there is a violation in one of our offices,” a commerce spokesman told CBS News. “We asked CISA [Cybersecurity and Infrastructure Security Agency] and the FBI to investigate, and we cannot comment further at this time. ”
Reuters, the news agency that first reported the hack, cited sources that the Treasury Department was also violated and that hackers may have broken into other government agencies as well. The sources told Reuters that hackers may have been able to monitor employee email in the agencies for months. Reuters also reported that the affected office in the Department of Commerce was the National Telecommunications and Information Administration.
In a statement, a CISA spokesperson said, “We have worked closely with our agency partners on recently discovered government network activity. CISA provides technical assistance to affected organizations to identify and mitigate potential tradeoffs.”
Christopher Krebs, the former head of CISA, tweeted“Hacks of this type require extraordinary craft and time. When it’s a supply chain attack with trusted relationships, it’s really hard to stop on the 1st.”by President Trump in November. After the news about the hacks, cancer
“I suspect this has been going on for many months on the 2nd. We need good intelligence to find victims and determine the scope,” added Krebs.
SolarWinds, a company that provides technical services to large corporations and several government agencies, recognized a “potential security hole” related to a software update released earlier this year.
“We are aware of a potential security vulnerability currently believed to be related to updates released between March and June 2020 for our Orion monitoring products,” said Kevin Thompson, CEO of SolarWinds. “We believe this vulnerability is the result of a sophisticated, targeted, and manual attack on the supply chain by a nation state. We are acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community and other law enforcement agencies. Therefore, we are investigating these matters we are limited to what we can currently share. “
FireEye, a major cybersecurity company that was breached last week, said it discovered a “global intrusion campaign” that it described as “widespread” at one timeBlog post published on Sunday evening. “The actors behind this campaign have been given access to numerous public and private organizations around the world,” the company said.