Reportedly, the Russian government-backed hackers also managed to spy on the emails of the National Telecommunications and Information Administration (NTIA).
Hackers backed by the Russian government hacked into several US government departments including the National Telecommunications and Information Administration (NTIA) and U.S. Treasury and Commerce.
NTIA is an agency of the Department of Commerce that decides internet and telecommunications policy in the United States and also advises the President on issues related to telecom.
First reported by the Washington Post; the hack is being blamed on the Russian APT29 group (also known as Cozy Bear, CozyCar, CozyDuke, and Grizzly Bear).
Reportedly, due to the seriousness and sophistication of the attack, a National Security Council meeting also took place at the White House on Saturday. In a statement, John Ullyot, a National Security Council spokesperson, told Reuters that:
“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation.”
It is worth noting that the group is believed to have ties with Russia’s foreign intelligence agency SVR. APT29 is also being pointed out for last week’s hack in which the top US-based cybersecurity firm FireEye was hacked with its sensitive tools stolen.
Reuters’ report further states that in NTIA’s case the hackers managed to breach its office software along with Microsoft’s Office 365. The breach was then used by hackers to spy on the agency including staff emails for months.
“This is a much bigger story than one single agency. This is a huge cyber espionage campaign targeting the U.S. government and its interests,” a source told Reuters.
In a statement to Wall Street Journal’s Dustin Volz, a spokesperson from the Department of Commerce confirmed the breach and revealed that the department is working with the FBI and CISA (Cybersecurity and Infrastructure Security Agency).
Russia has been a prime suspect of cyberattacks in the US on a number of occasions. In August 2020, the FBI and the NSA had warned of malware attacks against Linux systems after exposing a Russian State hacking tool called Drovorub.
In October 2017, The Wall Street Journal reported that Russian government-sponsored hackers managed to steal extremely sensitive information about classified spying tools used by the United States’ National Security Agency (NSA).
As for the recent reports of Russian involvement in cyberattacks against the United States, it will be important to see the evidence acquired by authorities and the reaction from President Donald Trump and President-Elect Joe Biden.