January 4, 2021: The US energy department is the latest agency to confirm it has been breached in what is being described as the worst-ever hack on the US government.
The energy department is responsible for managing US nuclear weapons, but said the arsenal’s security had not been compromised.
Many suspect the Russian government is responsible. It has denied any role.
The US treasury and commerce departments are among the other targets of the sophisticated, months-long breach, which was first acknowledged by officials.
Researchers, who have named the hack Sunburst, say it could take years to fully comprehend what is one of the biggest ever cyber-attacks.
Joe Biden has vowed to make cyber-security a “top priority” of his administration. “We need to disrupt and deter our adversaries from undertaking significant cyber-attacks in the first place,” he said.
“There’s a lot we don’t yet know, but what we do know is a matter of great concern,” Mr Biden has said.
America’s top cyber agency, the Cybersecurity and Infrastructure Agency (Cisa), gave a stark warning on Thursday, saying that addressing the intrusion would be “highly complex and challenging”.
The hack began in at least March 2020, and those responsible had “demonstrated patience, operational security, and complex tradecraft”, Cisa said.
Cisa said the perpetrators managed to breach computer networks using network management software made by the Texas-based IT company SolarWinds.
Up to 18,000 SolarWinds Orion customers downloaded updates containing malicious software installed by hackers.
All US federal civilian agencies were told to remove SolarWinds from their servers earlier this week as a result.
Cisa said it was investigating “evidence of additional access vectors, other than the SolarWinds Orion platform”.
Microsoft said it had identified more than 40 of its customers who were targeted in the cyber-attack, including government agencies, think tanks, non-governmental organisations and IT companies. About 80% of these were in the US, while others were in Canada, Mexico, Belgium, Spain, the UK, Israel and the UAE.
The company’s president Brad Smith said the attack was remarkable for its scope, sophistication and impact. “This is not ‘espionage as usual,’ even in the digital age,” he wrote in a blog post.
Neither Cisa nor the FBI has publicly said who it believes to be behind the attacks, but private security companies and officials quoted in US media have pointed the finger at Russia.