According to an investigation, the federal government’s networks have been intercepted by Russian hackers for more than five years now.
The hackers who are associated with Russian spy agencies have been keeping an eye on emails at the US Treasury and Department of Commerce, which might have resulted in confidential information of other bodies being compromised.
In other countries such as the UK, security agencies are actively trying to detect any interceptions in their systems. A National Security Council meeting was called at the White House following this.
The US National Security Council is working in collaboration with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) to promptly and effectively counter the breach and recover from it.
The US government has not officially announced the country behind the attack; however, several sources are pointing their fingers towards Russia. As reported by the Washington Post, there is a prominent hacking group in Russia that goes by the name of APT 29 or Cozy Bear, who are connected to the spy agencies, namely FSB and SVR.
The group has been previously accused multiple times, once by the US, the UK, and Canada of attempting to steal information on the coronavirus vaccines from their research departments. Secondly, in 2014 and 2015, they were also allegedly hacking into the White House and Democratic Party systems.
The Russian foreign minister spoke on the matter in a statement on Facebook, claiming that the US media was once again accusing Russia of cyber-raiding US agencies without any evidence.
They alleged to attempt to copy and steal data by compromising a software management tool employed by the government and businesses called SolarWinds.
According to cybersecurity experts, this was carried out by hackers who entered their code into the software, which was disguised as an update in the software. They also continued to explain that it’s very difficult to detect these kinds of attacks.
According to a filing to the US Securities and Exchange Commission, 300,000 agencies and companies use the SolarWind software; however, only 18,000 were employing the compromised version.
Several government agencies and businesses use this software including the US military, the National Security Agency, the State Department, the Office of the President of America, US telecommunications providers, and America’s Fortune 500 companies.
A spokesperson for CISA has explained that they will be providing technical assistance to organizations or agencies that have been affected by the attacks.