Senate Dems demand answers on DOJ's hack exposure
- By Justin Katz
- Jan 23, 2021
A group of Democratic senators is seeking answers from the Justice Department on agency efforts mitigate potential harm arising from compromised to email accounts breached in the SolarWinds hack.
The month's-long attack, which the intelligence community attributes to Russian actors, also penetrated the judicial branch's case filing system.
"The DOJ and the [Administrative Office of U.S. Courts] have acknowledged that they were among the federal agencies breached by Russian hackers, providing troubling accounts of the breadth and depth of the compromise," the senators wrote in a Jan. 20 letter.
The letter is signed by Democratic Sens. Richard Blumenthal (Conn.), Dianne Feinstein (Calif.), Patrick Leahy (Vt.), Richard Durbin (Ill.), Sheldon Whitehouse (R.I), Amy Klobuchar (Minn.), Chris Coons (Del.), Mazie Hirono (Hawaii) and Cory Booker (N.J.).
DOJ reported 3% of email accounts may have been compromised. The lawmakers pointed out that given the size of the agency – "over 115,000 positions," they wrote – the damage, "could amount to thousands of email accounts with an agency tasked with profoundly sensitive law enforcement and national security missions."
The senators want DOJ to elaborate on which offices and records specifically were affected and detail mitigation measures have been implemented. The letter also asks if DOJ has found and reported other methods of entry hackers may have used.
The Cybersecurity and Infrastructure Security Agency has stated the hackers behind the ongoing SolarWinds Orion breach are skilled at forging security tokens and have been observed tampering with trust protocols.
"Microsoft reported that the actor has added new federation trusts to existing on premises infrastructure," according to guidance from CISA. "Where this technique is used, it is possible that authentication can occur outside of an organization's known infrastructure and may not be visible to the legitimate system owner."
The senators want DOJ and the courts to provide written answers to their questions by Jan. 31.
Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.