Hackers, believed to be working for Russia, reportedly monitored internal email traffic at the US Treasury and Commerce departments, according to sources.
Sources close to the investigation told Reuters news agency that the hacks are feared to be the 'tip of the iceberg'.
The incident is so serious it led to a National Security Council meeting at the White House on Saturday, according to reports.
US officials have not yet said publicly who is behind the hack, but have confirmed there was a breach at one of its agencies and asked Cybersecurity and Infrastructure Security Agency and the FBI to investigate.
National Security Council spokesman John Ullyot added that
they "are taking all necessary steps to identify and remedy any possible issues related to this situation."
Three people familiar with the investigation reportedly said Russia is believed to be responsible for the attack. Two of the people claimed the breaches are connected to a broad campaign that also involved the recently disclosed hack on FireEye, a major US cybersecurity company with government and commercial contracts.
The cyber spies are believed to have gotten in by tampering with updates pleased by IT company SolarWinds, which serves government customers across the executive branch, the military and the intelligent services, claim two people familiar with the matter.
The trick, which can be referred to as a 'supply chain attack', involves hiding malicious code in the body of legitimate software updates provided to targets by third patires.
Cold Paw! Russian cat travels over 2,000 miles to turn up on Brit south coast
In a statement released late Sunday, the Austin, Texas-based company said that updates to its monitoring software released between March and June of this year may have been subverted by what it described as a "highly-sophisticated targeted and manual supply chain attack by a nation state."
The breach presents a major challenge to the incoming administration of President-elect Joe Biden as officials investigate what information was stolen and try to ascertain what it will be used for. It is not uncommon for large scale cyber investigations to take months or years to complete.
"This is a much bigger story than one single agency," said one of the people familiar with the matter.
"This is a huge cyber espionage campaign targeting the U.S government and its interests."
A spokesperson for the Cybersecurity and Infrastructure Security Agency said they have been "working closely with our agency partners regarding recently discovered activity on government networks. CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises."
The Russian foreign ministry did not immediately return a message seeking comment for the news agency late on Sunday.
Source: Read Full Article