The Energy Department and National Nuclear Security Administration, which maintains the US nuclear weapons stockpile, has evidence of hackers accessing their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, POLITICO said in an exclusive report.
The officials of the Department of Energy (DOE) and the National Nuclear Security Administration (NNSA) on Thursday started coordinating notifications on the breach into their "congressional oversight bodies" after a briefing by Rocky Campione, DOE chief information officer.
According to the POLITICO report, "They found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE. The hackers have been able to do more damage at FERC than the other agencies, the officials said, but did not elaborate." The investigators have been searching intricately through networks to know the extent to which the hackers were able to breach.
POLITICO quoted the officials familiar with the case as saying that the officials at DOE still do not know whether the attackers were able to access anything and the probe is ongoing and they may not know the full extent of the damage "for weeks." Meanwhile, the DOE spokespeople have not responded on the matter.
Meanwhile, Federal authorities have expressed increased alarm about an intrusion into US and other computer systems around the globe that officials suspect was carried out by Russian hackers.
The nation's cybersecurity agency on Thursday warned of a "grave" risk to government and private networks.
The Cybersecurity and Infrastructure Security Agency said in its most detailed comments yet that the intrusion had compromised federal agencies as well as "critical infrastructure" in a sophisticated attack that was hard to detect and will be difficult to undo.
"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," the agency said in its unusual alert. "CISA expects that removing the threat actor from compromised environments will be highly complex and challenging." The hack, if authorities can indeed prove it was carried out by a nation such as Russia as experts believe, creates a fresh foreign policy problem for President Donald Trump in his final days in office.
Trump, whose administration has been criticised for eliminating a White House cybersecurity advisor and downplaying Russian interference in the 2016 presidential election, has made no public statements about the breach.