FBI, NSA say ongoing hacks at US federal agencies ‘likely Russian in origin’ – TechCrunch

The US government says hackers are “likely to be originally Russian” responsible for breaking the network of at least 10 US federal agencies and several major companies, including FireEye And Microsoft.

In a joint statement published on Tuesday, the FBI, NSA and Homeland Securities’ Cyber ​​Security Advisory Unit, CISA, said the government was “still working to understand the scope” of the breech, but the breaches were likely an “intelligence issue”. Raising “effort. “

The statement said the agreements “are ongoing”.

The statement did not name the disbanded agencies, but the Treasury, State and Energy Departments are among them Reported to be affected.

“This is a serious agreement, which will require sustained and dedicated effort to resolve,” the statement said. ” [joint agency effort] Will continue to take every necessary action to investigate, delete, and share information with its partners and the American people.

News of an extensive espionage operation came to light in early December after cyberspace giant FireEye, typically the first company to call cyber-attack victims, discovered its network Had a breakup. Soon after, it was reported that several government agencies had also been infiltrated.

All victims are customers of American software firms Orion, Whose Orion network management tools are used in US government and Fortune 500 companies. FireEye Hackers said that Broke into SolarWinds’ network and pushed a tainted software update to its customers, allowing hackers to easily break into any of the thousands of companies and agencies that updated the backdoor.

Some 18,000 customers downloaded the backdoor software update, but the government’s joint statement said they believed “a very small number of their systems have been compromised by follow-on activity.”

Several news outlets have previously reported that the hack was carried out by a Russian intelligence group known as Apt 29, or Cozy Bear, which has been linked to a number of espionage-driven attacks, including Attempt to steal coronavirus vaccine research.

Tuesday’s joint statement will be the first time the government has acknowledged the possible culprit behind the campaign.

Russia previously denied involvement with the hack.