Report: US nuclear weapons agency hit by massive hacking campaign

Weapons managed by the National Nuclear Security Administration (NNSA). (NNSA/Released)
December 17, 2020

The National Nuclear Security Administration (NNSA), the U.S. agency that manages the nation’s stockpile of nuclear weapons, is the latest federal agency to be hacked, according to a new report on Thursday.

Officials close to the matter told Politico that the NNSA has evidence of hackers gaining access to the agency’s networks in a mass spy operation that also hacked various other U.S. agencies. The officials don’t yet know what information hackers have been able to access or steal – and it may take weeks to find out.

In addition to evidence of hacking in the NNSA’s networks, officials also identified suspicious activity in the networks of the Energy Department, the Federal Energy Regulatory Commission (FERC), and the Sandia and Los Alamos national laboratories.

NNSA manages the nation’s nuclear weapons, while the Sandia and Los Alamos labs perform research on nuclear weapons and nuclear power.

The latest agencies are believed to have been accessed via software provided by SolarWinds, which estimates that up to 18,000 of its users – government and private clients alike – could’ve been hacked. Other users of SolarWinds software include the Department of Defense, the State Department, and others.

Vulnerabilities in SolarWinds’ software patches enabled Russian hackers to gain access to the networks, officials believe, as reported by The Washington Post.

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and Office of the Director of National Intelligence (ODNI) released a joint statement on Wednesday confirming a “significant and ongoing cybersecurity campaign,” and describing it as a compromise that “has affected networks within the federal government.”

Another CISA alert on Thursday said the hacks targeting U.S. government agencies had been taking place as early as March 2020. It said the hackers were using virtual private servers (VPSs) and IP addresses in the victims’ home country to avoid detection.

CISA called the hacking “a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”