The FBI and Cybersecurity and Infrastructure Security Agency are investigating a cyberattack by Russian-linked hackers that have infiltrated the U.S. Treasury and Commerce departments.
The cyberespionage campaign is being described at one of the largest hacks against U.S. government agencies in the last five years. Sources close to the investigation are reporting Russia is behind the cyberattacks.
So far, investigators believe internal email traffic at the departments were being monitored. A recent data breach at the cybersecurity firm FireEye is also being linked to the attack on the U.S. agencies.
FireEye officials released a statement on the data breach, saying they have “identified a global campaign that introduces a compromise into the networks of public and private organizations through the software supply chain.”
Officials said the data breach has been linked to the SolarWinds server software that is used by multiple U.S. federal agencies as well as many Fortune 500 companies. SolarWinds has about 300,000 customers across the globe.
FireEye officials said they have identified multiple organizations that may have been compromised going as far back as this past spring.
“Our analysis indicates that these compromises are not self-propagating; each of the attacks require meticulous planning and manual interaction. Our ongoing investigation uncovered this campaign, and we are sharing this information consistent with our standard practice,” officials said.
The Russian foreign ministry posted a statement to Facebook saying the allegations were “unfounded attempts of the U.S. media to blame Russia for hacker attacks on U.S. governmental bodies.”
The statement went on to state “Russia does not conduct offensive operations in the cyber domain.”