The federal government has been rocked by a shocking cyberattack that reports say likely came from a foreign government.
According to The Hill, the U.S. Treasury and Commerce Departments, and potentially other federal agents, were impacted by a breach that some reports suggested may have come from Russia.
A spokesperson for the Commerce Department confirmed the development, which was first revealed by Reuters, in a statement, according to The Hill.
“We can confirm there has been a breach in one of our bureaus. We have asked CISA and the FBI to investigate, and we cannot comment further at this time,” the spokesperson said.
What we know
Speaking with Reuters, a spokesperson for the National Security Council (NSC) said the government “is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation.”
Both the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are said to be investigating the matter, reports noted.
According to NBC News, “[t]he hackers appear to have gotten access by first breaking into SolarWinds, an Austin-based company that provides remote information technology services to [a] long list of clients around the world, including a number of U.S. government agencies and major corporations.”
The attack reportedly targeted interdepartmental emails, though the full extent of the breach is not yet clear. The New York Times reports that the breach went “undetected” since at least the spring of this year, and may have also impacted the Pentagon.
The Times reported:
United States officials did not detect the attack until recent weeks, and then only when a private cybersecurity firm, FireEye, alerted American intelligence that the hackers had evaded layers of defenses.
While reports largely pointed fingers at the Kremlin, Russia’s embassy in the U.S. has put out a statement denying any involvement. The embassy likened the reports to “another unfounded attempt of the U.S. media to blame Russia for hacker attacks on U.S. governmental bodies.”
“Russia does not conduct offensive operations in the cyber domain,” the embassy’s statement added.
As of Monday, President Donald Trump himself has not yet publicly commented on the reported breach.