Russian government hackers are behind a broad espionage campaign that has compromised U.S. agencies, including Treasury and Commerce.
This was reported by The Washington Post.
The Russian hackers, known by the nicknames APT29 or Cozy Bear, are part of that nation’s foreign intelligence service, the SVR, and they breached the Treasury and Commerce departments, along with other U.S. government agencies. The same Russian group hacked the State Department and the White House email servers during the Obama administration.
Officials were scrambling over the weekend to assess the nature and extent of the intrusions and implement effective countermeasures, but initial signs suggested the breach was long-running and significant, the people familiar with the matter said. The hackers breached the email systems of Treasury and Commerce and NTIA. It is possible that the attack could also damage other US state agencies.
According to Reuters, the attack appeared to be so serious and large that it prompted an emergency National; Security Council meeting on Saturday, November 12. The case, therefore, is being investigated by several intelligence agencies, including the FBI
According to John Ullyot, a National Security Council spokesman, “The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation. Although he did not comment on country or group responsible.
The people familiar with the intrusions, who spoke on the condition of anonymity because of the sensitivity of the matter, informed that in five years it has been one of the largest breaches of the US government systems. One of the agencies of the Ministry of Trade was also affected by the attack. The breaches began in the spring and went unnoticed for several months amid the COVID pandemic and presidential elections.
In turn, Russia denies its involvement in the hacker attack on the United States. The Russian Embassy in Washington on Sunday called the reports of Russian hacking “baseless.” In a statement on Facebook, it said, “attacks in the information space contradict” Russian foreign policy and national interests. “Russia does not conduct offensive operations” in the cyber domain.
According to "Apostrophe", meanwhile the site of the European Medicines Agency (EMA), which stored data on Pfizer and BioNTech vaccines against coronavirus was also hacked by the unknown group. The investigation is being proceeded.