SolarWinds Hack Targeted Federal Prosecutors’ Emails
- The emails of federal prosecutors’ offices around the country were hacked by Russian intelligence during the SolarWinds cyber attack.
- The Russian hackers had access to the emails of federal prosecutors in New York, California, DC and other jurisdictions from May to December 2020.
- The Justice Department released the update to “increase transparency” with the public as it continues to investigate the hacking.
Federal US prosecutors were among targets of the Russian hackers behind the 2020 SolarWinds cyber attack, the Justice Department said on Friday.
According to the update, the SolarWinds hackers breached the Department’s Microsoft O365 email accounts, which included the mailboxes of federal prosecutors from New York, Los Angeles, and prominent offices in 13 other states.
At least one employee email at each of the affected district offices was hacked, and at least 80% of employees in the four major US attorneys’ New York district offices — the Eastern, Southern, Western and Northern — had their accounts hacked, the DOJ said. Hackers gained access to all sent, received, and stored emails and attachments in those accounts, though it is unclear which information the hackers took.
“New York is the financial center of the world and those districts are particularly well known for investigating and prosecuting white-collar crimes and other cases, including investigating people close to the former president,” Bruce Green, a Fordham Law School professor, told the Associated Press.
US federal investigators said Russia’s Foreign Intelligence Service (SVR) was responsible for installing malicious malware into SolarWinds’ Orion software in 2020. The US information technology firm has more than 300,000 clients, including US government agencies and the vast majority of Fortune 500 companies.
The group is believed to have had access to the emails from May to December of last year.
After learning these accounts were hacked, the Department’s Office of the Chief Information Officer cut off the channel the hackers used to the Microsoft Office accounts, notified the affected parties and the public, and is continuing to monitor the security risks associated with the hack.
The Justice Department released the update to “encourage transparency and strengthen homeland resilience,” and so that others can “use that information to prepare themselves for the next threat,” the updated statement said.
The US Department of Justice could not be reached at the time of publication.