The Energy Department and National Nuclear Security Administration have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said, as reported by policito.
On Thursday, DOE and NNSA officials began coordinating notifications about the breach to their congressional oversight bodies after being briefed by Rocky Campione, the chief information officer at DOE.
This series of attacks has led to the hacking of multiple US government networks as officially confirmed by the FBI, CISA, and the ODNI for the first time in a joint statement issued earlier today.
The list of US government targets compromised so far in this campaign also includes the US Treasury, the US Department of State, US NTIA, US NIH, DHS-CISA, and the US Department of Homeland Security.
The group behind this compromise campaign, suspected to be the Russian state-sponsored APT29 (aka Cozy Bear), was present on the networks of hacked organizations for long periods of time according to a CISA alert from earlier today.
“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the agency said.
“CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”
