By Kevin Zhang
On December 13th, 2020, reports stated that multiple U.S. federal government department servers were hacked, and the U.S. government has acknowledged the breach.
Russian hackers working for the Kremlin are suspected to be responsible for the breach of computer systems at the Departments of Treasury, Commerce, and Homeland Security, though Russia denies any involvement.
According to U.S. officials, it is possible that the breach could have lasted for even up to a few months before it was discovered. Many U.S. government departments acknowledged the breach. “We can confirm there has been a breach in one of our bureaus,” the Commerce Department said.
According to a National Security Council spokesman, “We have been working closely with our agency partners regarding recently discovered activity on government networks”.
Media reports indicated that the SVR, Russia’s foreign intelligence service and equivalent of the American CIA, was the most probable culprit. The Russian SVR was also blamed for cyberattacks in 2014 and 2015 that involved email systems of the White House, State Department, and Joint Chiefs of Staff.
The hackers are believed to have used a supply chain attack strategy that embeds malicious code into software updates. The attack is believed to be directly related to the SolarWinds Orion program, an IT monitoring system. SolarWinds holds many contracts with the federal government, including military and intelligence branches.
Microsoft said on Sunday, “We believe this is nation-state activity at significant scale, aimed at both the government and private sector.”
FireEye, a cybersecurity company, says that the hackers believed to be responsible for the attack stole the company’s tools used to find vulnerabilities in customer computer networks, which include government networks.
Kremlin spokesman Dmitry Peskov, speaking last Friday, dismissed allegations that the Russian government was responsible for or involved in the attack.