Last year, suspected Russian hackers stole thousands of emails from U.S. State Department officials, according to two congressional sources familiar with the matter, who revealed the breach to Politico this week.
The congressional sources told Politico the hackers targeted the emails of the State Department’s Bureau of European and Eurasian Affairs and Bureau of East Asian and Pacific Affairs. A third official said it does not appear, at this point, that the hackers had breached the State Department’s classified network.
If Russia is behind the suspected hacking effort, it would be the second Kremlin-backed breach at the State Department in less than a decade.
According to the Washington Post, the State Department did use SolarWinds software. The U.S. software company was the subject of a recent and widespread hack that may have targeted thousands of government computers. It is unclear if this latest suspected State Department email breach is connected to the SolarWinds hack.
Responding to a Politico request for comment, a State Department spokesperson said “the Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected. For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.”
Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger said the White House is also “not commenting on specific agencies.”
President Joe Biden’s administration has been working to review the extent and source of the SolarWinds hack.
“Several federal agencies have been hacked in the last year,” Neuberger told Politico. “As part of the Administration’s SolarWinds review, we discovered broad gaps in cybersecurity defenses across federal agencies. We identified five specific cybersecurity modernization areas, assessed agencies against them, and are implementing a Build Back Better plan to rapidly fund and roll out these technologies to remediate vulnerabilities and modernize our cybersecurity approach.”
Reports in early March suggested the Biden administration may even launch retaliatory cyber attacks against Russia for the SolarWinds hacks within the coming weeks.
Russia has denied it was behind the SolarWinds hack. Kremlin spokesman Dmitry Peskov said “the Russian state has never had and has nothing to do” with “such cybercrime and cyber terrorism” and said the alleged U.S. retaliation plan “is nothing more than international cybercrime.”
Politico reported suspected Russian hackers accessed State Department networks and White House computers in 2015.
The U.S. intelligence community recently released its assessment of the 2020 U.S. election, finding that Russia interfered in the election to harm candidate Biden and help former President Donald Trump. The assessment, released by Biden’s Director of National Intelligence (DNI) Avril Haines, said Russia primarily used proxies to push negative narratives about Biden with “U.S. media organizations, U.S. officials and prominent U.S. individuals, including some close to former President Trump and his administration.”