


Written by Dave Nyczepir Aug 3, 2021 | FEDSCOOP

A total of 27 U.S. law offices saw one or more employee Microsoft 365 email accounts compromised when Russian hackers used the SolarWinds Orion update system to deliver malware to agencies, the Department of Justice revealed Friday.

The DOJ believes that the advanced persistent threat group APT29, or Cozy Bear, had access to the accounts from May 7 to December 27, 2020, and to all emails and attachments sent, received and stored.

The department first acknowledged the intrusion on Jan. 6, but made its latest announcement to promote cybersecurity information sharing between agencies.

“The Department of Justice understands that when victims make information public about the nature and extent of the computer intrusions they have suffered, others can use that information to prepare for the next threat,” the update reads. “To encourage transparency and build homeland resilience, we are providing additional details today on the SolarWinds intrusion in December 2020.”

At least 80% of district office workers in eastern, northern, southern and western New York City have had their accounts compromised, and all have been briefed and educated on how to identify the cyber threats, the department said.

Other compromised districts included two in California, the District of Columbia, three in Florida, one in Georgia, one in Kansas, one in Maryland, one in Montana, one in Nevada, one in New Jersey, one in North Carolina, three in Pennsylvania, three in Texas, one in Vermont, two in Virginia and one in Washington.

Upon discovery, the DOJ CIO’s office removed the hackers’ backdoor from its email environment and notified the Cybersecurity and Infrastructure Security Agency and Congress, but the damage persists.

“The department’s goal continues to be to mitigate the operational, security and privacy risks caused by the incident,” the update read.

