The Department of Justice has conceded that its email accounts were breached by Russian attackers as part of the SolarWinds Orion software attacks, according to an announcement made yesterday. Roughly three percent of email accounts were breached, the department stated. The stealthy attacks lead to email compromise among other agencies as well. Russia is likely the culprit of the espionage campaign, yet they have repeatedly denied involvement.
The attacks affected roughly 10 US government agencies via the breach of SolarWinds’ Orion software, allowing the Russians to access sensitive material, sift through emails, and perform other dangerous functions that threaten national security. The malicious activity involved installing a secret backdoor into SolarWind’s Orion update without being detected. The espionage campaign was sophisticated, and researchers estimate that Russian adversaries had access to government agencies’ systems since last spring.
Read More: DoJ’s Microsoft 365 Email Accounts Compromised in SolarWinds Attacks