In its latter statement, the DOJ said that to “encourage transparency and strengthen homeland resilience,” it wanted to provide new details, including that the hackers were believed to have had access to compromised accounts from about May 7 to December 27, 2020. Six months later, the department expanded on this and announced that the hackers had managed to breach email accounts of employees at 27 US Attorneys' offices, including ones in California, New York, and Washington, DC. There are conflicting reports about whether this attack was part of the SolarWinds campaign or carried out by the same actors. That was the same month the DOJ-whose 100,000-plus employees span multiple agencies including the FBI, Drug Enforcement Agency, and US Marshals Service-publicly revealed that the hackers behind the SolarWinds campaign had possibly accessed about 3 percent of its Office 365 mailboxes. Although the DOJ had notified CISA, a spokesperson for the National Security Agency told WIRED that it didn’t learn of the early DOJ breach until January 2021, when the information was shared in a call among employees of several federal agencies. The incident underscores the importance of information-sharing among agencies and industry, something the Biden administration has emphasized. When asked why, when the company announced the supply-chain hack in December, it didn’t publicly disclose that it had been tracking an incident related to the SolarWinds campaign in a government network months earlier, a spokesperson noted only that “when we went public, we had identified other compromised customers.” Mandiant itself got infected with the Orion software on July 28, 2020, the company told WIRED, which would have coincided with the period that the company was helping the DOJ investigate its breach.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |