Hackers compromised networks of the Energy Department and National Nuclear Security Administration, which is responsible for maintaining the U.S. nuclear weapons stockpile, as part of a larger cyber-espionage campaign that has already affected multiple US government entities.
As per Politico, the suspicious activity was identified in networks of the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation at NNSA, and the Richland Field Office of the DOE. Citing people familiar with the matter the outlet said that the FERC sustained more damage than other agencies and officials at FERC have “evidence of highly malicious activity,” though additional details regarding the intrusion have not been provided.
According to the sources, the investigation is still ongoing and federal investigators have yet to determine what exactly the hackers were able to access or steal. However, the DOE spokesperson Shaylyn Hynes said that an ongoing investigation into the incident has found that the attackers did not gain access to critical defense systems.
The hack appears to be part of a series of cyber attacks against US federal agencies leveraging a backdoor called Sunburst (or Solarigate) distributed via malicious SolarWinds Orion updates.
DOE has confirmed a security breach.
“Department of Energy is responding to a cyber incident related to the SolarWinds compromise in coordination with our federal and industry partners. The investigation is ongoing and the response to this incident is happening in real-time. At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission-essential national security functions of the Depart ..
Support the originator by clicking the read the rest link below.
