Cybersecurity

DOJ says it was hit by SolarWinds hackers

computer hack (MARCUSZ2527/Shutterstock.com) 

The Justice Department today confirmed its systems were compromised as part of the ongoing breach by suspected Russian intelligence agents that exploited a backdoor vulnerability in the IT management software SolarWinds Orion.

DOJ late last month "learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others," according to spokesman Marc Raimondi.

Raimondi said hackers are believed to have accessed "around" 3% of email inboxes, but not any classified systems.

DOJ's confirmation comes the day after a White House task force for the first time attributed the SolarWinds Orion hack to a Russian entity. The group, called the Cyber Unified Coordination Group, also said it believes "fewer than" 10 federal agencies were victimized by hackers following the initial breach.

"As part of the ongoing technical analysis, the department has determined that the activity constitutes a major incident under the Federal Information Security Modernization Act, and is taking the steps consistent with that determination," Raimondi said.

Additionally, the Cybersecurity and Infrastructure Security Agency issued new guidance for agencies that were running SolarWinds Orion, one of the IT management products compromised by the hack.

The supplemental guidance tasks agencies that ran affected SolarWinds products to conduct a forensic analysis and agencies that "accept the risk of running SolarWinds Orion," must take steps to harden their systems. Agency CIOs must submit status report to CISA on these efforts on Jan. 19 and Jan. 25.

"Given the threat actor's interest in compromising identity, CISA is requiring agencies to provide additional details in order to map the possible threat space that was impacted as part of the compromise," the agency said in the supplemental guidance.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.


Featured

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

  • Workforce
    online collaboration (elenabsl/Shutterstock.com)

    Federal employee job satisfaction climbed during pandemic

    The survey documents the rapid change to teleworking postures in government under the COVID-19 pandemic.

Stay Connected