The United States Department of Justice confirmed on Wednesday that its email systems were accessed by hackers who hacked the software company SolarWinds, another indication of the seriousness of the breach that rocked Washington.
The scale of the hack in the justice department was not immediately clear, but it can be significant. The department, which has more than 100,000 employees at a range of law enforcement agencies, including the FBI, the Drug Enforcement Agency and the US Marshals Service, said in a statement that 3% of its Office 365 mailboxes were potentially accessed.
The statement went on to say that the justice department had no indication that any confidential system was affected. But gaining access to up to thousands of e-mail inboxes from the country’s top law enforcement organization can still be a source of intelligence for foreign hackers.
The department plays a key role in eliminating foreign spies, applying sanctions and fighting corruption. The department recently took increasingly aggressive action against foreign hackers, uncovering a series of accusations against Russian, Chinese and Iranian cyber spies in the run for the U.S. presidential election two months ago.
A justice spokesman, Marc Raimondi, declined to provide an accurate number for the number of mailboxes targeted.
The statement said the Justice Department’s CIO office discovered the breach on Christmas Eve, weeks after the first reports surfaced that hackers suspected of acting on behalf of Russia had hacked into US government networks.
Russia has denied responsibility for the hacking campaign, which has been described as one of the most sophisticated operations discovered in recent years. But on Tuesday, the office of the U.S. national intelligence director said that Russia was probably behind the hack in the Trump administration’s first formal assignment statement.
Hackers were able to gain access to various government agencies by tampering with network monitoring software sold by Austin-based SolarWinds.
In a joint statement, the national intelligence office, the FBI, the National Security Agency and the Cybersecurity and Infrastructure Agency within the Department of Homeland Security said that the actor, “probably of Russian origin, is responsible for the majority or all discoveries, ongoing cybernetic commitments from governmental and non-governmental networks. ”
The investigation continues, they said, and may reveal other victims of the government. From now on, the hackers’ goal seemed to be to collect intelligence, rather than any destructive acts.
Less than 10 government agencies were affected, said the national intelligence director, but did not specify how many.
Cybersecurity experts said a full recovery from breaches could take months – or even longer.