SolarWinds Hack Hit Office Home to the best Treasury Department officials

WASHINGTON – Russian hacker suspicion has compromised dozens of Treasury Department e-mail accounts and breached the office of its top officials as part of a large-scale campaign targeting several critical federal government agencies, a senior senator said Monday .

The Treasury Department does not know all the activity in which the hackers engaged or exactly what information was stolen, said in a statement addressed to The Wall Senator Ron Wyden (D., Ore.), Democrat from the ranking of the Finance Commission Senate. Street Journal.

“According to Treasury staff, the agency has suffered a serious breach since July, the depth of which is unknown,” Wyden said. He added that the hackers had entered systems belonging to the division of departmental offices, which house the highest officials of the Treasury.

Separately, hackers broke into about three dozen e-mail accounts in June at the National Telecommunications and Information Administration, including accounts belonging to the agency’s top management, according to a well-known US official. NTIA is an office within the Department of Commerce that works on telecommunications and internet policy.

It was unclear what hackers were trying to gain from spying on NTIA emails, but it could range from collecting general information to a massive leak of emails in the future or materials that could be used to more easily carry out future cyber attacks. , the official said, adding that “in any case, it is a gold mine”.

The Commerce Department did not immediately respond to a request for comment.

Details of the Treasury and Commerce violations are among the first to specifically describe what investigators know about what was compromised in the alleged Russian cyber espionage operation.

US officials are still in the early stages of assessing the damage caused by the hack, but an increasing number have linked the activity to Moscow. Attorney General William Barr said Monday that he believes Russia is behind the SolarWinds hack, a statement that puts it in line with the views of senior US officials, but which contradicts President Trump.

“From the information I have … it looks like they are Russians,” Mr Barr told a news conference on Monday.

Mr Barr gave his name to the widespread consensus among intelligence officials and cybersecurity experts that Russia is responsible for what is considered to be one of the worst hacks ever of federal computer systems. On Saturday, Secretary of State Mike Pompeo said “we can say quite clearly that the Russians have engaged in this activity.”

But President Trump downplayed the vast cyber espionage campaign and said in a tweet on Saturday that China could be held responsible. He did not elaborate.

On Monday, the White House National Security Council convened a classified interagency meeting with several cabinet secretaries, including Mr. Mnuchin, and national security leaders to discuss what is known so far about the severity of the hack, and about how to solve the damage, a US official said.

Russia has denied responsibility for the violation.

It was unclear which officials were affected by the Treasury Department’s hack, but an aide to Mr Wyden said the department did not believe Secretary Steven Mnuchin’s email account had been compromised. The department has been notified of dozens of compromised email accounts by Microsoft,

investigating the hack, said Mr. Wyden.

The domestic revenue service is not believed to have been violated in the attack, Wyden said following a meeting between Treasury officials and financial committee staff. The IRS is the largest Treasury office and one that protects sensitive financial data of taxpayers; IRS officials sent all investigations to the Treasury Department.

The information provided on the depths of the Treasury and Commerce trade-offs provides a small window into the realm of the hack, which was made possible after hackers routinely updated software from an Austin network management company called SolarWinds. Body.

with malicious code.

SolarWinds said it has been tracking hackers until at least October 2019 and is now working with security companies, law enforcement and intelligence agencies to investigate the attack.

The federal government’s widespread hack, which officials described as serious and ongoing, has hit at least six cabinet-level departments, including the state, energy and internal security departments, as well as the National Institutes of Health, which is part of the Department of Health and Human Services.

IRS executives have long been concerned about potential breaches of the agency’s computer systems, which hold information about criminal investigations and audits, along with social security numbers and financial data for hundreds of millions of Americans.

Sensors Wyden and Chuck Grassley, the Republican chairman of the Senate Finance Committee, sent a letter to the IRS last week requesting a briefing out of concern that taxpayers’ personal information could have been stolen. But investigators believe the IRS was unharmed, Mr. Wyden said.

Once hackers gained access to the departmental office network, they managed to steal an encryption key used by the Treasury, which allowed them to falsify the credentials needed to obtain what appeared to be legitimate access to multiple email accounts hosted in cloud Microsoft, an assistant for Mr. Wyden said.

“After years of government officials advocating for backdoor encryption and ignoring cybersecurity experts’ warnings that encryption keys are becoming irresistible targets for hackers, USG has now suffered a violation that appears to involve skilled hackers stealing encryption keys on USG servers, ”said Wyden, using an acronym for the US government.

Earlier Monday, Mr Mnuchin declined to provide details on the impact of the hack on the department, but confirmed there was a breach. Mr Mnuchin said his department was investigating, but so far officials did not believe the most sensitive information had been accessed by hackers.

“At the moment we do not see any entry into our classified systems,” Mr Mnuchin said in an interview with CNBC. “Our unclassified systems have had some access … We are completely at the top of this.”

Monica Crowley, a Treasury spokeswoman, declined to comment Monday night beyond Mr Mnuchin’s remarks.

Write to Dustin Volz at [email protected] and Richard Rubin at [email protected]

Copyright © 2020 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8