Hackers targeting the federal government appear to be part of a Russian intelligence campaign against several U.S. agencies and companies, including cyber security company FireEye, officials said Sunday.
A spokesman for the Department of Commerce confirmed the violation, saying it happened in an unknown office.
Ministry officials have alerted the FBI and the Department of Homeland Security’s cybersecurity agency, the spokesman said, refusing to comment further.
The White House National Security Council also confirmed it was investigating another possible intrusion into the Treasury after Reuters reported that foreign-backed hackers had access to government internal emails.
The Washington Post first reported that the intrusions were carried out by the Russian External Intelligence Service (SVR).
SVR’s targets included FireEye, a major U.S. cyber security company with extensive government contracts, The Post reported. The company’s CEO said last week that he was “cheated by a nation with the highest level of offensive ability”.
The private cyber security official described in the case confirmed SVR’s involvement in NBC News.
Kevin Mandia, CEO of FireEye, said the primary goal of the hackers was to steal information from the company’s government customers.
It was not clear how much information the hackers had obtained, although the company said it had acquired the tools used by the FireEye Red Team, the department responsible for defending against new cyber attacks.
The Post reported that the Department of Commerce violated Solar Winds, an IT system used by tens of thousands of organizations. NBC News did not confirm the report independently.
The FBI and the National Security Agency did not want to make a statement on Sunday.
The cybersecurity agency of the Department of Homeland Security said in a statement that it was investigating “recently discovered activity on government networks.”
The agency said it would provide technical assistance to mitigate possible trade-offs.