Three of the sources clearly stated Russia might be behind the attack and is also connected to the previous attack on hack on FireEye
According to some anonymous sources, some hackers are speculated to be working for Russia who are secretly supervising and checking the internal emails of the U.S Treasury and Commerce departments on a regular basis. The sources also added that the uncovered hacks might prove to be quite dangerous as they are purely classified.
On Saturday, the National Security Council of the US hosted a meeting at the white house as the hack is so serious, stated one of the unnamed sources.
As of now, the US officials did not say anything publicly, but the Commerce Department mentioned that one of its agencies was targeted with malicious attacks and hence, they asked the FBI and Cybersecurity and Infrastructure Security Agency to thoroughly investigate the matter.
John Ullyot, said exclusively to the Reuters “they are taking all necessary steps to identify and remedy any possible issues related to this situation.”
As of now, the government of US did not reveal anything to the people that who is expected to be behind the threat, but three of the sources clearly stated Russia might be behind the attack and is also connected to the previous attack on hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts.
A Facebook statement posted by the Russian Foreign Ministry stated that the allegations are baseless and has no evidence and also, it’s an attempt by the US media to blame Russia for cyberattacks in the US agencies.
Two of sources further highlighted that the attackers have entered in a clandestine method and then meddled with updates released Solar Winds, the US-based IT company, whose customers are mostly the military and the intelligence service. The attack is mostly known as “supply chain attack” works by hiding malicious code in the body of legitimate software updates provided to targets by third parties.
A Cybersecurity and Infrastructure Security Agency spokesperson said to the Reuters, “they are working closely with our agency partners regarding recently discovered activity on government networks. CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises.”