SolarWinds attackers breached email of US prosecutors, says Department of Justice
A new update to the SolarWinds attack has revealed that hackers breached the email accounts of US prosecutors, boasting access to the accounts for several months. Several top US intelligence agencies have confirmed that the attacks were likely the work of Russian state-sponsored hackers. US President Joe Biden has initiated sanctions against Russia due to the attacks, which had a huge effect on several US entities.
The DoJ stated that it was treating the source of the attack as an APT that was able to gain broad access to the department’s Microsoft Office email systems. This means that the hackers were able to access much more information than the 3% of non-classified emails the DoJ initially determined the APT had accessed. The DoJ stated that the APT gained access to the Office 365 email accounts of at least 80% of employees working in the US Attorneys’ offices in New York. The department published a list of 27 different districts that suffered email compromisation due to the attacks. The DoJ also confirmed that the threat actors had access to the email accounts for at least six months, roughly the duration of the attacks.