Security News > 2021 > January > SolarWinds Hackers Also Accessed U.S. Justice Department's Email Server
The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack.
"On December 24, 2020, the Department of Justice's Office of the Chief Information Officer learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others," DoJ spokesperson Marc Raimondi said in a short statement.
Calling it a "Major incident," the DoJ said the threat actors who spied on government networks through SolarWinds software potentially accessed about 3% of the Justice Department's email accounts, but added there's no indication they accessed classified systems.
The disclosure comes a day after the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, the Office of the Director of National Intelligence, and the National Security Agency issued a joint statement formally accusing an adversary "Likely Russian in origin" for staging the SolarWinds hack.
The agencies described the entire SolarWinds operation as "An intelligence gathering effort."
The espionage campaign, which originated in March 2020, worked by delivering malicious code that piggybacked on SolarWinds network-management software to as many as 18,000 of its customers, although additional intrusive activity is believed to have been conducted only against select targets.
News URL
Related news
- Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released (source)
- U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)