Monday March 1st, 2021 8:03PM

Justice Department, federal court system hit by Russian hack

By The Associated Press

WASHINGTON (AP) — The Justice Department and the federal court system disclosed on Wednesday that they were among the dozens of U.S. government agencies and private businesses compromised by a massive, months-long cyberespionage campaign that U.S. officials have linked to elite Russian hackers.

The extent of the damage was unclear.

The department said that 3% of its Microsoft Office 365 email accounts were potentially affected, but did not say to whom those accounts belonged. There are no indications that classified systems were affected, the agency said. Office 365 isn't just email but a collaborative computing environment, which means that shared documents were also surely accessed, said Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike.

Separately, the Administrative Office of U.S. Courts informed federal judicial bodies across the nation that the courts’ nationwide case management system was breached. That potentially gave the hackers access to sealed court documents, whose contents are highly sensitive.

The Justice Department said that on Dec. 24 it detected "previously unknown malicious activity" linked to the broader intrusions of federal agencies revealed earlier that month, according to a statement from spokesman Marc Raimondi.

Separately, the court office said on its website that “an apparent compromise” of the U.S. judiciary's case management and electronic case file system was under investigation.

The Department of Homeland Security was scouring the system, it said, and cited a particular risk to sealed court filings, whose disclosure could jeopardize a lot more than active criminal investigations.

“The potential reach is vast. The actual reach is probably significant,” said a federal court official who spoke on condition of anonymity because they were not authorized to disclose the information. The official confirmed that the scope of the compromise was national but it was not clear how widespread.

The sealed court files, if indeed breached, could hold information about national security, trade secrets and wiretap transcripts, along with financial data from bankruptcy cases and the names of confidential informants in criminal cases, the official added.

On Tuesday, federal law enforcement and intelligence agencies formally implicated Russia in the intrusions, calling them part of a suspected intelligence gathering operation. President Donald Trump had previously questioned that consensus, suggesting without foundation that China could be to blame.

The hacking campaign was extraordinary in scale, with the intruders stalking through government agencies including the Treasury and Commerce departments, defense contractors and telecommunications companies for months by the time the breach was discovered.

Experts say that gave the foreign agents ample time to collect data that could be highly damaging to U.S. national security, although the scope of the breaches and exactly what information was sought is unknown.

An estimated 18,000 organizations were seeded with malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds. But only a subset are believed to have been compromised. Tuesday's statement said that fewer than 10 federal government agencies have so far been identified as having been hacked.

Johns Hopkins cyberespionage expert Thomas Rid said the 3% figure of email accounts accessed at Justice may not sound like a lot, but that it doesn’t mean that the hackers “didn’t get to the interesting stuff.”

Cybersecurity experts responding to the hack say highly skilled cyber spies of the caliber behind the SolarWinds hack are apt to keep their footprint as small as possible to avoid detection — targeting only high-value email and documents.

Rid wondered how sure the Justice Department could be about the extent of its compromise.

“How good is their own visibility given that U.S. government agencies totally missed the breach in the first place?” he said. “Are they really on top of the problem? Are we only really seeing the tip of the iceberg?”

The breach was discovered by FireEye, a prominent cybersecurity company, on its network. It then identified and notified other victims.

Experts expect the severity of the hack and the number of victims identified to increase over time.

“History tells us that if you have a large breach, not just in one organization but across an entire government — an entire sector — it will take a long time to identify who are the victims and how badly they are compromised,” said Rid.

Microsoft declined to comment on how long the intruders were reading emails in the Justice Department's Office 365 environment, which is typically a cloud-based service hosted by the software provider.

—-

Bajak reported from Boston. Associated Press writers Mark Sherman in Washington and Maryclaire Dale in Philadelphia contributed to this report.

© Copyright 2021 AccessWDUN.com
All rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.