Unique: Hackers spied on US Treasury Division e-mail for a overseas authorities – Sources
© Reuters. Hooded man holds laptop computer while cyber code is projected onto him in this illustration image
By Christopher Bing
WASHINGTON (Reuters) – Foreign government-backed hackers have monitored internal email traffic at the US Treasury Department and an agency that, according to people familiar with the matter, makes internet and telecommunications policy decisions.
There is concern within U.S. intelligence that the hackers targeting the Treasury Department and the Department of Commerce’s national telecommunications and information administration were using a similar tool to break into other government agencies, according to three people who were briefed on the matter . People didn’t say what other agencies.
“The United States government is aware of these reports and we are taking all necessary steps to identify and correct any potential problems associated with this situation,” said John Ullyot, spokesman for the National Security Council.
The hack is so serious that it resulted in a meeting of the National Security Council at the White House on Saturday, said one of the people familiar with the matter.
The breach poses a major challenge to President-elect Joe Biden’s future administration as officials investigate what information has been stolen and try to determine what it is being used for. It’s not uncommon for extensive cyber investigations to take months or years.
“This is a much bigger story than any single agency,” said one of the people familiar with the matter. “This is a huge cyber espionage campaign against the US government and its interests.”
Hackers broke into NTIA’s Office software, Microsoft (NASDAQ 🙂 Office 365. The emails from the agency’s employees were monitored by the hackers for months.
A Microsoft spokesperson did not immediately respond to a request for comment.
The hackers are “sophisticated” and were able to trick the authentication controls on the Microsoft platform, according to a person familiar with the incident who spoke on condition of anonymity because they were not allowed to speak to the press.
“This is a nation-state,” said another person who was briefed on the matter. “We just don’t know which ones yet.”
The full scope of the violation is unclear. The investigation is still in its early stages and affects a number of federal agencies, including the FBI, according to the three people familiar with the matter.
A spokesman for the agency for cybersecurity and infrastructure security said they had “worked closely with our agency partners on recently discovered activity in government networks. CISA provides technical assistance to affected companies to identify and mitigate potential tradeoffs.”
The FBI and the US National Security Agency did not immediately respond to a request for comment.
There is evidence that the NTIA email compromise dates back this summer, although it was only recently discovered, according to a senior US official.
NTIA was part of a group of agencies involved in the Trump administration’s efforts to ban Chinese social media apps Tiktok and WeChat. The Trump administration has stated that such apps pose a national security threat. The Chinese companies concerned deny the claim.
Disclaimer: Fusion Media would like to remind you that the information contained on this website is not necessarily real-time or accurate. All CFDs (stocks, indices, futures) and forex prices are not provided by exchanges, but by market makers. Therefore, prices may not be accurate and may differ from the actual market price. This means that the prices are indicative and not suitable for trading purposes. Therefore, Fusion Media is not responsible for any trading loss you may incur as a result of using this information.
Fusion Media or anyone involved with Fusion Media assumes no liability for any loss or damage caused by reliance on the information contained on this website, such as data, offers, charts and buy / sell signals. Please be fully informed about the risks and costs associated with trading in the financial markets. This is one of the riskiest forms of investment possible.