The US Department of Justice (DoJ) has admitted it is one of the victims of massive SolarWinds attack and hackers targeted its IT systems and accessed Microsoft O365 email server.
In a statement, the DOJ said that at this point, the number of potentially accessed O365 mailboxes appears limited to around 3 percent.
“We have no indication that any classified systems were impacted,” DOJ spokesperson Marc Raimondi said on Wednesday.
The DOJ has joined a long list of companies and government agencies that publicly admitted to having been impacted in the SolarWinds hack.
The suspected Russian hackers installed malware in the Orion software sold by the IT management company ‘SolarWinds’, and access sensitive data belonging to several US government agencies and businesses.
Around 18,000 private companies and government agencies downloaded these infected Orion updates and were infected with a version of the Sunburst (Solorigate) backdoor trojan.
In a subsequent analysis published since the original attack, security firms and US cybersecurity agencies investigating the hack said that hackers “escalated the attack only on a few of the infected companies”.
In a joint statement, four US agencies including the FBI and the NSA attributed the SolarWinds supply chain attack to an Advanced Persistent Threat (APT) actor, likely Russian in origin.
The DOJ said that it has determined that the activity constitutes a major incident under the Federal Information Security Modernisation Act, and is taking the steps consistent with that determination.
“The Department will continue to notify the appropriate federal agencies, Congress, and the public as warranted.”
According to a report in The New York Times, the suspected Russia-backed hackers compromised at least 250 federal agencies and top enterprises in the US, by infiltrating into ‘SolarWinds Orion’ monitoring and management software.
