SolarWinds hackers accessed DOJ email

The Justice Department confirmed its systems were hacked by suspected Russian intelligence agents that exploited a backdoor vulnerability in the SolarWinds Orion IT management software.

Attackers are believed to have accessed "around" 3% of email inboxes, but not any classified systems, according to DOJ spokesman Marc Raimondi.

DOJ's confirmation comes the day after the White House’s Cyber Unified Coordination Group first attributed the SolarWinds Orion hack to a Russian entity. The group also said it believes "fewer than" 10 federal agencies were victimized by hackers following the initial breach.

"As part of the ongoing technical analysis, the department has determined that the activity constitutes a major incident under the Federal Information Security Modernization Act, and is taking the steps consistent with that determination," Raimondi said.

Additionally, the Cybersecurity and Infrastructure Security Agency issued new guidance for agencies that were running SolarWinds Orion, one of the IT management products compromised by the hack.

The supplemental guidance tasked agencies that ran affected SolarWinds products with conducting a forensic analysis and said agencies that "accept the risk of running SolarWinds Orion" must take steps to harden their systems. Agency CIOs must submit status reports to CISA on these efforts on Jan. 19 and Jan. 25.

"Given the threat actor's interest in compromising identity, CISA is requiring agencies to provide additional details in order to map the possible threat space that was impacted as part of the compromise," the agency said in the supplemental guidance.

This article was first posted to FCW, a sibling site to GCN.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.

