Hackers targeted US nuclear weapons agency in massive cybersecurity breach, reports say

Authored by independent.co.uk and submitted by Pessimist2020

The National Nuclear Security Administration and Energy Department, which safeguard the US stockpile of nuclear weapons, have had their networks hacked as part of the widespread cyber espionage attack on a number of federal agencies.

Politico reports that officials have begun coordinating notifications about the security breach to the relevant congressional oversight bodies.

Suspicious activity was identified in the networks of the Federal Energy Regulatory Commission (FERC), Los Alamos and Sandia national laboratories in New Mexico and Washington, the Office of Secure Transportation, and the Richland Field Office of the Department of Energy.

Officials with direct knowledge of the matter said hackers have been able to do more damage to the network at FERC, according to the report.

Shaylyn Hynes, a DOE spokesperson, told The Independent that the department is responding in coordination with federal and industry partners, that the investigation is ongoing, and that the response to this incident is happening in real time.

“At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration,” she said.

“When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.”

DOE is in constant communication with its industry partners, including the leadership of the energy sector Subsector Coordinating Councils.

Regular contact is also being maintained with the Information Sharing and Analysis Centres for electricity, oil and natural gas, and downstream natural gas, which facilitate communication between the government and all partners in those sectors.

Federal authorities have expressed alarm about the intrusion into US and other computer systems around the world that officials suspect was carried out by Russian hackers.

The Cybersecurity and Infrastructure Security Agency warned of a “grave” risk to government and private networks.

In its most detailed comments yet, the agency said on Thursday that the intrusion had compromised federal agencies as well as “critical infrastructure” in a sophisticated attack that was hard to detect and difficult to undo.

CISA did not specify which agencies or infrastructure had been breached, nor what information had been taken. It is believed that the attack began in March.

The agency said previously that the perpetrators had used network management software from Texas-based SolarWinds to infiltrate computer networks. An updated alert says the hackers may have used other methods, as well.

The DOE confirmed that the attack on their system was related to SolarWinds.

The Associated Press reports an official as saying: “This is looking like it’s the worst hacking case in the history of America. They got into everything.”

If it can be proven that the hack originated in Russia, it could create a fresh foreign policy headache for the Trump administration in its final days in the White House.

Senator Mitt Romney of Utah commented on the apparent silence from the Oval Office: "I think the White House needs to say something aggressive about what happened. This is almost as if you had a Russian bomber flying undetected over the country, including over the nation's capital, and not to respond in a setting like that is really stunning."

President-elect Joe Biden said in a statement: “I want to be clear: my administration will make cybersecurity a top priority at every level of government – and we will make dealing with this breach a top priority from the moment we take office.”

He continued: “We will elevate cybersecurity as an imperative across the government, further strengthen partnerships with the private sector, and expand our investment in the infrastructure and people we need to defend against malicious cyber attacks.”

realmastodon2 on December 17th, 2020 at 23:00 UTC »

Did they breach their classified networks or their unclassified networks? Usually in these hacks they hit their networks which are unclassified because the classified networks are not connected to the internet. They're running their own intranet between locations. You need to know the locations of the cables and towers to intercept their traffic. This is why the FBI tells the public to alert them if you see suspicious activity near towers or fiber optic cable locations.

PYIDA on December 17th, 2020 at 21:27 UTC »

Related to SolarWinds?

Pessimist2020 on December 17th, 2020 at 21:01 UTC »

The National Nuclear Security Administration and Energy Department, which safeguard the US stockpile of nuclear weapons, have had their networks hacked as part of the widespread cyber espionage attack on a number of federal agencies.

Politico reports that officials have begun coordinating notifications about the security breach to the relevant congressional oversight bodies.

Suspicious activity was identified in the networks of the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation, and the Richland Field Office of the Department of Energy.

Officials with direct knowledge of the matter said that hackers have been able to do more damage to the network at FERC, according to the report.

The Independent has asked the Department of Energy for comment, but is yet to receive a response.