State-sponsored hackers have been monitoring emails at the US Treasury Department and another American federal agency for months, according to the Reuters news agency.
The US intelligence community is reportedly concerned that the hackers who targeted the Treasury and an agency of the Commerce Department may have been spying on other agencies too.
People familiar with the matter cited by The Washington Post claimed that it is believed the hackers were working for Russia’s foreign intelligence service, the SVR.
Officials are said to believe the SVR, which has its headquarters in Moscow, was behind the attacks
“This is a much bigger story than one single agency,” one person familiar with the matter told Reuters. “This is a huge cyber espionage campaign targeting the US government and its interests.”
The incident led to a National Security Council meeting at the White House on Saturday, Reuters added.
The US Cybersecurity and Infrastructure Agency (CISA) has confirmed the breach, stating: “We have been working closely with our agency partners regarding recently discovered activity on government networks.
“CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises,” it added.
Sources said that staff emails at the Commerce Department’s National Telecommunications and Information Administration (NTIA), were being monitored for months after the hackers broke into Microsoft’s Office 365.
The “highly sophisticated” hackers were able to trick Microsoft’s authentication controls, one person familiar with the incident told Reuters on condition of anonymity.
Microsoft has not responded to requests for comment.
“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said National Security Council spokesman John Ullyot.
The Post had previously linked the SVR to a successful attack on cyber security firm FireEye.
