By
David E. Sanger
- Dec. 13, 2020Updated 6:54 p.m. ET
The Trump administration acknowledged on Sunday that hackers acting on behalf of a foreign government — almost certainly a Russian intelligence agency, according to federal and private experts — broke into a range of key government networks, including in the Treasury and Commerce Departments, and had free access to their email systems. Officials said a hunt was on to determine if other parts of the government had been victimized by what looked to be one of the most sophisticated, and perhaps among the largest, attacks on federal systems in the past five years. Several said a series of national security-related agencies were also affected, though it was not clear whether the systems contained highly classified material. In public, the Trump administration said little about the hack, which suggested that while the government was worried about Russian intervention in the 2020 election, key agencies working for the administration — and unrelated to the election — were actually the subject of a sophisticated attack that they were unaware of until recent weeks.
“The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” John Ullyot, the spokesman for the National Security Council, said in a statement. The Commerce Department acknowledged that one of its agencies had been targeted, without naming it, and the Department of Homeland Security’s cybersecurity agency, whose
leader was fired by President Trump last month for declaring there had been no widespread election fraud, said in a statement that it had been called in as well.
The motive for the attack on the Treasury and Commerce Departments remains elusive, two people familiar with the matter said. One government official said it was too soon to tell how damaging the recent attacks were and how much material was lost. Reuters
earlier reported the breach.
The revelation came less than a week after the National Security Agency, which is responsible for both breaking into foreign computer networks and defending the federal government’s most sensitive national security systems,
issued a warning that “Russian state-sponsored actors” were exploiting flaws in a system that is broadly used in the federal government. At the time, the N.S.A. refused to give further details of what prompted the urgent warning. Shortly afterward, FireEye, a leading cybersecurity firm,
announced that hackers working for a state had stolen some of its prized tools for finding vulnerabilities in its clients’ systems, including the federal government’s. That investigation also pointed toward S.V.R., one of Russia’s leading intelligence agencies.
www.nbcboston.com
blogs.microsoft.com
www.theregister.com
