Russian government hackers behind breach at US treasury and commerce departments

Hackers broke into Microsoft’s Office 365 and monitored staff emails for months, according to report

Graeme Massie

Los Angeles

Sunday 13 December 2020 22:34 GMT

Comments

US Treasury department breached by hackers backed by foreign government (Getty Images)

Leer en Español

Your support helps us to tell the story

Support Now

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Russian government hackers are behind the breach at the US Treasury and Commerce departments, says a report.

The hackers have been able to monitor email traffic within the departments for months, and it is not known how many other federal agencies they may have compromised.

Now the FBI is investigating the campaign by the hacking group working for the Russian foreign intelligence service, SVR, according to the Washington Post.

The hackers, who are known as Cozy Bear or APT29, are reportedly the same group that hacked the White House and State Department under the Obama administration.

APT 29 has also reportedly tried to steal research into the Covid vaccine.

“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said National Security Council spokesman John Ullyot.

The hack is seen as so significant that a National Security Council meeting was held at the White House on Saturday over it, according to Reuters.

US intelligence chiefs are reportedly concerned that the hackers who broke into the Treasury department and the Commerce Department’s National Telecommunications and Information Administration, may have also broken into other government agencies.

“This is a much bigger story than one single agency,” one official told Reuters. “This is a huge cyber espionage campaign targeting the US government and its interests.”

The news comes just weeks after Donald Trump fired the director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, Christopher Krebs.

Mr Krebs had rebutted many of Mr Trump’s false claims about election fraud and hacking of the voting system.

The hackers reportedly broke into the NTIA’s email system, which uses Microsoft’s Office 365, and had been reading staff emails for months.

Microsoft has not commented.

“This is a nation state. We just don’t know which one yet," said a person briefed with the hack.

The FBI, Homeland Security Department’s cybersecurity division and U.S. National Security Agency have yet to comment.

Reuters contributed to this report

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Stay up to date with notifications from The Independent

Thank you for registering

Russian government hackers behind breach at US treasury and commerce departments

Hackers broke into Microsoft’s Office 365 and monitored staff emails for months, according to report

Join our commenting forum

Thank you for registering