A foreign government backed hacking group has reportedly stolen information from both the United States Treasury Department and an agency in charge of determining policy related to internet and telecommunications, according to a Reuters exclusive report.
Reuters reported that three people briefed on the situation said the U.S. intelligence community is concerned the hacking group who compromised the Treasury Department and the Commerce Department’s National Telecommunications and Information Administration (NTIA) have also used similar tactics to break into other government agencies.
“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said John Ullyot, a spokesman for the National Security Council.
According to Reuters, a National Security Council meeting was held at the White House regarding the serious and “sophisticated” hack, one person familiar with the matter said.
The U.S. government has not publicly disclosed who is behind the hack, but Reuters reported that three people familiar with the investigation said Russia is responsible. The Russian Embassy posted a statement on Facebook denying the claims.
🔸 Обратили внимание на очередные безосновательные попытки американских СМИ обвинить Россию в…
Posted by Embassy of Russia in the USA / Посольство России в США on Sunday, December 13, 2020
The hack is reportedly linked to Microsoft Office 365, the NTIA’s office software. Sources said emails from agency personnel were monitored for months.
Microsoft did not respond to Reuters’ request for comment prior to publishing the exclusive report.
NTIA was part of the Trump administration’s efforts to ban Tiktok and WeChat, two Chinese social media apps, claiming they posed a threat to national security. The Chinese companies impacted denied the Trump administration’s claims.
One person familiar with the matter called the hackers “highly sophisticated” in their ability to trick authentication controls within the Microsoft platform. The source was reportedly not allowed to speak to the press and told Reuters the information on a condition of anonymity.
“This is a nation state,” another source brief on the situation said. “We just don’t know which one yet.”
A number of federal agencies are involved in the investigation, including the FBI. With the investigation just beginning, the extent of the hack remains unclear, three people familiar with the matter said.
A Cybersecurity and Infrastructure Security Agency spokesperson said they have been “working closely with our agency partners regarding recently discovered activity on government networks. CISA is providing technical assistance to affected entities as they work to identify and mitigate potential compromises.”
The U.S. National Security Agency and FBI did not respond to Reuters’ request for comment.