Cybersecurity

DOJ says it was hit by SolarWinds hackers

computer hack (MARCUSZ2527/Shutterstock.com) 

The Justice Department today confirmed its systems were compromised as part of the ongoing breach by suspected Russian intelligence agents that exploited a backdoor vulnerability in the IT management software SolarWinds Orion.

DOJ late last month "learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others," according to spokesman Marc Raimondi.

Raimondi said hackers are believed to have accessed "around" 3% of email inboxes, but not any classified systems.

DOJ's confirmation comes the day after a White House task force for the first time attributed the SolarWinds Orion hack to a Russian entity. The group, called the Cyber Unified Coordination Group, also said it believes "fewer than" 10 federal agencies were victimized by hackers following the initial breach.

"As part of the ongoing technical analysis, the department has determined that the activity constitutes a major incident under the Federal Information Security Modernization Act, and is taking the steps consistent with that determination," Raimondi said.

Additionally, the Cybersecurity and Infrastructure Security Agency issued new guidance for agencies that were running SolarWinds Orion, one of the IT management products compromised by the hack.

The supplemental guidance tasks agencies that ran affected SolarWinds products to conduct a forensic analysis and agencies that "accept the risk of running SolarWinds Orion," must take steps to harden their systems. Agency CIOs must submit status report to CISA on these efforts on Jan. 19 and Jan. 25.

"Given the threat actor's interest in compromising identity, CISA is requiring agencies to provide additional details in order to map the possible threat space that was impacted as part of the compromise," the agency said in the supplemental guidance.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.

Featured

  • Image: Shutterstock

    COVID, black swans and gray rhinos

    Steven Kelman suggests we should spend more time planning for the known risks on the horizon.

  • IT Modernization
    businessman dragging old computer monitor (Ollyy/Shutterstock.com)

    Pro-bono technologists look to help cash-strapped states struggling with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help.

Stay Connected