Cybersecurity

Senate Dems demand answers on DOJ's hack exposure

Royalty-free stock illustration ID: 110138069 by 3dreams 

A group of Democratic senators is seeking answers from the Justice Department on agency efforts mitigate potential harm arising from compromised to email accounts breached in the SolarWinds hack.

The month's-long attack, which the intelligence community attributes to Russian actors, also penetrated the judicial branch's case filing system.

"The DOJ and the [Administrative Office of U.S. Courts] have acknowledged that they were among the federal agencies breached by Russian hackers, providing troubling accounts of the breadth and depth of the compromise," the senators wrote in a Jan. 20 letter.

The letter is signed by Democratic Sens. Richard Blumenthal (Conn.), Dianne Feinstein (Calif.), Patrick Leahy (Vt.), Richard Durbin (Ill.), Sheldon Whitehouse (R.I), Amy Klobuchar (Minn.), Chris Coons (Del.), Mazie Hirono (Hawaii) and Cory Booker (N.J.).

DOJ reported 3% of email accounts may have been compromised. The lawmakers pointed out that given the size of the agency – "over 115,000 positions," they wrote – the damage, "could amount to thousands of email accounts with an agency tasked with profoundly sensitive law enforcement and national security missions."

The senators want DOJ to elaborate on which offices and records specifically were affected and detail mitigation measures have been implemented. The letter also asks if DOJ has found and reported other methods of entry hackers may have used.

The Cybersecurity and Infrastructure Security Agency has stated the hackers behind the ongoing SolarWinds Orion breach are skilled at forging security tokens and have been observed tampering with trust protocols.

"Microsoft reported that the actor has added new federation trusts to existing on premises infrastructure," according to guidance from CISA. "Where this technique is used, it is possible that authentication can occur outside of an organization's known infrastructure and may not be visible to the legitimate system owner."

The senators want DOJ and the courts to provide written answers to their questions by Jan. 31.

About the Author

Justin Katz is a former staff writer at FCW.


Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected