The Department of Homeland Security is the third federal agency to have fallen victim to a major cyberespionage campaign by the Russian government, joining the Treasury and Commerce departments as targets that have been compromised, officials said Monday.
The list of victims is expected to grow and to include more private companies, said officials and others familiar with the matter, who spoke on condition of anonymity because the matter is under investigation.
The fact that the department charged with safeguarding the country from physical and cyber attack was victimized underscores the campaign’s significance and calls into question the adequacy of federal cybersecurity efforts.
DHS spokesman Alexei Woltornist said that DHS is aware of reports of a breach and is currently investigating the matter. The compromise of that agency was first reported by Reuters.
Russia has denied any role in the attacks.
The Russian intelligence service, SVR, is believed to be behind the sophisticated campaign, which has been running since at least the spring. The hackers gained access to their victims’ systems through what is known as a “supply chain” attack, or taking advantage of routine software patches sent to these systems by a firm, SolarWinds, that provides network management tools.
The nature of the attacks indicated the attackers were focused on high-value targets, experts suggested.
“It’s not about quantity, it’s about quality” of targets, said John Hultquist, manager of analysis at FireEye, a cybersecurity consultancy that was also breached and that discovered through its own investigation the targeting of SolarWinds.
“SolarWinds was clearly a door that they could walk through,” he said. “We’re shutting this door. But they’re still in these organizations. There are a lot of information security teams right now who are probably going to be working on this problem through Christmas.”
Nick Miroff contributed.
Copy the Story Link
Send questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.