WASHINGTON (US) – Sources said that hackers working for the Russian government have been snooping on internal email traffic at the US Treasury and Commerce departments, adding that it could be just the tip of the iceberg.
One of the sources said the cyber snooping was so serious it led to a National Security Council meeting at the White House on Saturday.
Officials have not disclosed much other than the confirmation of the Commerce Department that there was a breach at one of its agencies and that the Cybersecurity and Infrastructure Security Agency and the FBI have been told to conduct a probe.
According to National Security Council spokesman John Ullyot, they “are taking all necessary steps to identify and remedy any possible issues related to this situation.”
Although the government has not publicly identified the perpetrators behind the attack, three sources said Russia is said to be responsible for it. The security breaches are connected to a campaign involving the recently disclosed hack on FireEye, a major US cybersecurity firm having government and commercial contracts.
The Russian foreign ministry said in a statement that the allegations were another unfounded attempt by the US media to blame Russia for cyberattacks against US agencies.
It is believed that the hackers surreptitiously tampered with updates of IT firm SolarWinds, which serves government customers across the executive branch, the military, and the intelligence services. They adopted the trick – known as a “supply chain attack” – by hiding malicious code in the body of legitimate software updates.
The firm said on Sunday that updates of its monitoring software released between March and June this year may have been subverted by a “highly-sophisticated, targeted and manual supply chain attack by a nation state.”