Cyber-Attack on US Energy Department

Ananya Gupta

December 17, 2020

The US Energy Department confirmed that it had been breached in presumably the US government's worst-ever hack. The attack is said to have been carried out by Russian Intelligence as part of a massive campaign against the US Government. The Energy Department affirmed that the malware had been contained to business networks, leaving the department's national security functions unimpacted. The ongoing campaign is suspected of having begun in March, with the hacking of Texas-based company SolarWinds, which deals with many government agencies and major US companies. On December 8th, when cybersecurity company FireEye announced that it had been hacked, the campaign was made public. The US Cybersecurity and Infrastructure Agency, CISA, notified the Energy Department, disconnected its systems immediately, and is currently working on assessing information that was potentially exfiltrated. A spokesperson of the Energy Department stated, 'immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.' The Commerce Department has confirmed that it was also hacked as part of the campaign. On Wednesday, a joint statement from CISA, the FBI, and the office of the director of national intelligence said the campaign was 'significant and ongoing'.

Abridged fromNBC News