Categories: SecurityWorkspace

SolarWinds Attackers ‘Accessed Emails’ Of Top US Officials

The SolarWinds hackers obtained access to the then-head of the US’ Department of Homeland Security and members of the department’s cybersecurity staff, the Associated Press reported.

The DHS confirmed that a “small number” of staff accounts were targeted in the wide-ranging hacking campaign.

The agency said it “no longer sees indicators of compromise on our networks”.

At an earlier Congressional hearing, representative Pat Fallon indicated that a DHS secretary’s email had been hacked, without providing details.

Cyber-espionage

The AP said it was able to identify then-acting DHS secretary Chad Wolf as the official affected.

Wolf declined to comment other than to say he had used multiple email accounts in the role.

The other DHS staff breached included employees involved in hunting cyber-threats from foreign countries, the AP said.

The news agency said it had interviewed more than a dozen current and former US government officials.

US officials have said they believe Russian state-backed hackers were behind the SolarWinds attack, which compromised at least nine US federal agencies and 100 private companies.

General Paul Nakasone, leader of the Pentagon’s cyber-security force, said last week the administration is considering a “range of options” in retaliation.

Security ‘gaps’

The administration has also said it is planning an executive order to address “significant gaps” in modernising the federal government’s security.

The order could reportedly also require many software vendors to notify their federal government customers in the event of a cybersecurity breach.

A recently approved US stimulus package includes $650 million (£471m) in funding for the Cybersecurity and Infrastructure Security Agency (CISA), partly intended for SolarWinds remediation efforts.

Another wide-ranging hack affecting Microsoft Exchange servers also began as a state-backed hacking effort launched by China, according to Microsoft, but has largely affected private-sector organisations.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

BT Eagle-i Seeks To Predict, Prevent Cyberattacks

Proactive security approach. New security platform from BT Security, dubbed 'Eagle-i', seeks to predict and…

2 days ago

Apple Risks South Korean Clash After Investigation Warning

South Korean government official warns of possible investigation into Apple's compliance with new App Store…

2 days ago

Moscow Metro Facial Recognition System For Speedy Payments

Privacy concern. Moscow's Metro system has launched 'Face Pay', a mass facial recognition system for…

2 days ago

US Army Delays $22 Billion Microsoft Augmented Reality Headsets

United States Army pushes back deployment date of Microsoft's augmented reality headsets, but insists it…

3 days ago

TSMC Confirms Chip Plant For Japan

Taiwanese chip giant TSMC confirms it will build a chip factory in Japan, that will…

3 days ago

GitLab Raises $800m In Successful Initial Public Offering

After a successful public debut that raised hundreds of millions of dollars, coding platform GitLab…

3 days ago