The Energy Department and its National Nuclear Security Administration, which maintains America’s nuclear stockpile, were targeted as part of a larger attack by suspected Russian hackers.
BY WILLIAM TURTON , MICHAEL RILEY , JENNIFER JACOBS , AND BLOOMBERG
December 17, 2020 5:30 PM EST
The Energy Department and its National Nuclear Security Administration, which maintains America’s nuclear stockpile, were targeted as part of a larger attack by suspected Russian hackers, according to a person familiar with the matter. The hack affected unclassified systems, the person added. The hack of the nuclear agency was first reported by Politico.
In addition, two people familiar with the ongoing investigation said three states were breached in the attack, though they wouldn’t identify the states. A third person familiar with the probe confirmed that states were hacked but didn’t provide a number.
In an advisory Thursday that signaled the widening alarm over the the breach, the Cybersecurity and Infrastructure Security Agency said the hackers posed a “grave risk” to federal, state and local governments, as well as critical infrastructure and the private sector. The agency said the attackers demonstrated “sophistication and complex tradecraft.”
While President Donald Trump has yet to publicly address the hack, President-elect Joe Biden issued a statement Thursday on “what appears to be a massive cybersecurity breach affecting potentially thousands of victims, including U.S. companies and federal government entities.”
“I want to be clear: My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office,” Biden said, pledging to impose “substantial costs on those responsible for such malicious attacks.”
Russia has denied any involvement in the hack.
Although many details are still unclear, the hackers are believed to have gained access to networks by installing malicious code in a widely used software program from SolarWinds, whose customers include government agencies and Fortune 500 companies, according to the company and cybersecurity experts. The departments of Homeland Security, Treasury, Commerce and State were breached, according to a person familiar with the matter.
“This is a patient, well-resourced, and focused adversary that has sustained long duration activity on victim networks,” CISA said in its bulletin.