US says recent hacking campaign hit government networks, attack is ongoing

The US government said the attack was "significant and ongoing". PHOTO: REUTERS

WASHINGTON (REUTERS, BLOOMBERG) - The US government confirmed on Wednesday (Dec 16) that a recent hacking campaign impacted its networks, and said the attack was "significant and ongoing".

"This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government," said a joint statement issued by the FBI, the Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence.

"Over the course of the past several days, the FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign," the joint statement said.

The White House has convened urgent meetings of officials across multiple agencies to address a breach of US government computer systems attributed to Russia, according to a person familiar with the matter.

The Trump administration is holding daily discussions on the hack that include representatives of the FBI, the Office of the Director of National Intelligence, Department of Homeland Security and National Security Agency, according to the person.

US government agencies were attacked as part of a global campaign orchestrated by hackers believed to be tied to the Russian government, according to US officials.

The hackers were reported to have installed a malicious vulnerability in software from Texas-based SolarWinds Corp., whose customers include top government agencies and Fortune 500 companies.

SolarWinds Corp said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy unnoticed on businesses and agencies for almost nine months.

It's unclear what information the hackers were after. No classified systems are believed to have been accessed, the person said.

A White House National Security Council spokesman had no immediate comment.

National Security Advisor Robert O'Brien returned early from a trip to the Middle East and Europe this week to address the hack.

In addition to the daily meetings, a separate US cyber response group is investigating the scope of the breach, which involved the departments of State, Commerce, Treasury and Homeland Security.

That group meets every other day and is in regular communication, the person said.

Technology officials at various government agencies are providing information to investigators and coordinating the response, the official said. It's not clear how long the cleanup and investigative effort will take.

The White House convened officials to assess the hack under an Obama-era program, known as Presidential Policy Directive 41, that outlined how the federal government would respond to a cyber attack.

The 2016 directive was designed to address incidents that had significant impact on an entity, national security or the economy that would require a unified government response and close coordination between the public and private sectors.

Join ST's Telegram channel and get the latest breaking news delivered to you.