SolarWinds: Russian hackers broke into email accounts at US attorney offices
Russian hackers behind the massive SolarWinds cyber-espionage campaign broke into the email accounts of some of the most prominent US federal prosecutors’ offices last year, the Department of Justice has said.
The department said 80% of Microsoft email accounts used by
employees in the four US attorney offices in New York were breached. All told,
the DoJ said 27 US attorney offices had at least one employee email account
compromised.
The justice department said on Friday it believes the
accounts were compromised from 7 May to 27 December last year. That timeframe
is notable because the SolarWinds attack, named for the company which made the
affected product and which infiltrated dozens of companies and think tanks as
well as at least nine government agencies, was discovered and publicized in
mid-December.
In April, the Biden administration announced sanctions,
including the expulsion of diplomats, in response to SolarWinds and Russian
interference in the 2020 US election. Russia has denied wrongdoing.
Jennifer Rodgers, a lecturer at Columbia Law School, said
when she was a federal prosecutor in New York, office emails frequently contained
sensitive information including case strategy discussions and names of
confidential informants.
“I don’t remember ever having someone bring me a document
instead of emailing it to me because of security concerns,” she said, noting
exceptions for classified materials.
The Administrative Office of US Courts confirmed in January
it was also breached, giving the SolarWinds hackers another entry point to
steal confidential information like trade secrets, espionage targets,
whistleblower reports and arrest warrants.
The list of affected district attorneys included
high-profile offices in Los Angeles, Miami, Washington and the eastern district
of Virginia. The southern and eastern districts of New York, where large
numbers of staff were hit, handle some of the most prominent prosecutions in
the country.
“New York is the financial center of the world and those
districts are particularly well known for investigating and prosecuting
white-collar crimes and other cases, including investigating people close to”
Donald Trump, said Bruce Green, a professor at Fordham Law School and a former
prosecutor in the southern district.
The DoJ said all victims had been notified and it was
working to mitigate “operational, security and privacy risks”. The department
said in January it had no indication that any classified systems were affected.
The DoJ did not provide detail about what kind of
information was taken and what impact such a hack may have on ongoing cases.
Members of Congress have expressed frustration with the Biden administration
for not sharing more information about the impact of the SolarWinds campaign.
SolarWinds hackers also gained access to email accounts
belonging to the then-acting homeland security secretary, Chad Wolf, and
members of cybersecurity staff, whose jobs included hunting threats from
foreign countries.
Comments
Post a Comment