Reports: U.S. Department Of Homeland Security Targeted By Russian Hackers
December 15, 2020
The U.S. Department of Homeland Security (DHS) has been added to a growing list
of targets in a major cyberattack by suspected Russian hackers, according to
U.S. media reports on December 14.
A DHS statement did not confirm the reports, saying only that it was "aware of
cyber breaches across the federal government and working closely with our
partners in the public and private sector on the federal response."
Cyberattacks first revealed on December 13 hit the U.S. Treasury Department and
the U.S. Commerce Department.
The DHS became the third department thought to be included in the attack,
according to The Washington Post and Reuters, citing unidentified officials. DHS
is responsible for border security and protecting the country from online
attacks. It also plays a role in the distribution of the COVID-19 vaccine.
E-mails sent by officials at the DHS were monitored by the hackers as part of
the sophisticated series of breaches, according to Reuters.
U.S. officials said Russian government hackers are believed to be behind the
cyberattacks, both Reuters and The Washington Post reported, citing multiple
The Russian Embassy in Washington denied any involvement, calling the accusation
"Russia does not conduct offensive operations in the cyber domain," the Russian
embassy said in a statement on its web page.
"Malicious activities in the information space contradict the principles of the
Russian foreign policy, national interests, and our understanding of interstate
relations," the statement says.
National Security Council (NSC) spokesperson John Ullyot said in a statement on
December 14 that the NSC was working closely with the Cybersecurity and
Infrastructure Security Agency (CISA), the FBI, and affected departments and
agencies "to coordinate a swift and effective whole-of-government recovery and
response to the recent compromise."
CISA, the FBI, and other agencies are investigating. CISA also has ordered
federal agencies to immediately stop using technology products made by the
SolarWinds has admitted that hackers from an "outside nation state" inserted
malicious code into updates of its network management software issued between
March and June this year.
The company said up to 18,000 of its customers had downloaded the compromised
updates, which allowed hackers to spy unnoticed.
The company's software is also used by hundreds of thousands of organizations
globally, including major corporations and the most sensitive parts of the U.S.
and British governments.
A British government spokesman said the United Kingdom was not currently aware of
any impact from the hack but was still investigating.
FireEye, a prominent cybersecurity company that was breached in connection with
the incident, said in a blog post that targets included government, technology,
and telecommunications companies in North America, Europe, Asia and the Middle
Many in the cybersecurity community suspect the Russian intelligence-linked
hacking group known as APT29, or Cozy Bear, was behind the FireEye attack.
The same group was behind attacks on the State Department and White House during
the administration of President Barack Obama, as well as the hack of the
Democratic National Committee’s servers during the 2016 presidential campaign.