The US government confirmed on December 13 that its computer networks had been hit by a cyberattack, as The Washington Post reported at least two departments had been targeted by Russian state hackers.
A spokesperson for the Cybersecurity and Infrastructure Security Agency (CISA) said: “We have been working closely with our agency partners regarding recently discovered activity on government networks.
“CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises.”
The Post said the hacks were linked to an attack last week on cybersecurity firm FireEye, which said its own defences were breached by sophisticated attackers who stole tools used to test customers’ computer systems.
FireEye said it suspected the attack was state-sponsored.
US media reports also said the FBI was investigating a group working for the Russian foreign intelligence service, SVR, and that breaches had been taking place for months.
The same group also reportedly hacked US government agencies during the Obama administration.
National Security Council spokesman John Ullyot said: “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation.”
Russia’s embassy in the US hit back later on December 13 against what it said were the “unfounded” media claims, denying any role in the alleged attacks.
The embassy said in a statement on its official Facebook page: “Malicious activities in the information space contradicts the principles of the Russian foreign policy, national interests and our understanding of interstate relations.
“Russia does not conduct offensive operations in the cyber domain.”