Officials at the Department of Energy (DOE) and the National Nuclear Security Administration (NNSA) began coordinating notifications about the breach to their “congressional oversight bodies” on Thursday, after a briefing by Rocky Campione, the DOE chief information officer.
According to the POLITICO report, “They found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE. The hackers have been able to do more damage at FERC than the other agencies, the officials said, but did not elaborate.”
Investigators have been combing through the networks to determine the extent of the hackers' access.
POLITICO quoted officials familiar with the case as saying that officials at DOE still do not know whether the attackers were able to access anything, that the probe is ongoing, and that they may not know the full extent of the damage “for weeks.”
Meanwhile, DOE spokespeople have not responded on the matter.
The attack on DOE has affirmed that the hackers were able to access the networks of the US national security enterprise.
The hackers are believed to have gained access to the federal agencies’ networks by compromising the software company SolarWinds, which sells IT management products to hundreds of government and private-sector clients, POLITICO reported.
The officials said that DOE officials were planning to notify the House and Senate Energy committees, House and Senate Energy and Water Development subcommittees, House and Senate Armed Services committees, and the New Mexico and Washington State delegations of the breach on Thursday.
On Wednesday, the FBI, the Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence issued a public statement saying that they had learned of the incident in recent days.
“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the statement read.
According to POLITICO, the attack on the Federal Energy Regulatory Commission may have been an effort to disrupt the nation’s bulk electric grid.
FERC does not directly manage power flows; however, it stores sensitive data on the grid that can be used to identify the “most disruptive locations for future attacks.”
“Hackers may have been casting too wide a net when they targeted DOE’s Richland Field Office, whose primary responsibility is overseeing the cleanup of the Hanford nuclear waste site in Washington state. During World War II and the Cold War, the US produced two-thirds of its plutonium there, but the site hasn’t been active since 1971,” POLITICO opined.