The attack compromised high placed officials at the U.S. Department of Homeland Security, according to the Associated Press.
The AP reported this week that the widely reported SolarWinds hack actually compromised the emails of top U.S. DHS officials. The news service reports that suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff. Ironically, the attack targeted officials who were themselves hunting threats from foreign countries, according to the AP.
What is SolarWinds?
The SolarWinds story started in December, when officials discovered what they describe as a sprawling, months-long cyber-espionage effort. The attackwas done largely through a hack of a widely used software from Texas-based SolarWinds Inc.
The attack hit at least nine federal agencies, along with dozens of private-sector companies.
The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is not exactly clear. However, the symbolism of the attack is stark. The hackers accessed their accounts as part of the co-called the SolarWinds intrusion. This massive breach brings into question how the U.S. government can protect individuals, companies and institutions across the country if it can’t even protect itself.
A hack that managed to capture “the crown jewels”
“The SolarWinds hack was a victory for our foreign adversaries, and a failure for DHS,” said Sen. Rob Portman of Ohio, top Republican on the Senate’s Homeland Security and Governmental Affairs Committee. “We are talking about DHS’s crown jewels.”
The Biden administration has tried to keep a tight lid on the scope of the SolarWinds attack as it weighs retaliatory measures against Russia. But an inquiry by the AP found new details about the breach at DHS and other agencies, including the Energy Department, where hackers accessed top officials’ schedules.
The AP interviewed more than a dozen current and former U.S. government officials, who spoke on the condition of anonymity because of the confidential nature of the ongoing investigation into the hack.