Russian hackers gained access to then-DHS Secretary Chad Wolf's emails via the SolarWinds attack, report says

In this Sept. 23, 2020, file photo, Department of Homeland Security acting Secretary Chad Wolf makes an opening statement at his confirmation hearing before the Senate Homeland Security and Governmental Affairs Committee on Capitol Hill in Washington. Greg Nash/Pool via Associated Press
  • The SolarWinds hack compromised email accounts belonging to top DHS officials, AP reported.
  • Russian hackers gained access to then-acting DHS Secretary Chad Wolf's email account.
  • They also reportedly accessed accounts belonging to officials in the DHS's cyber division.

The hackers who carried out the massive SolarWinds hack last year may have gotten access to email accounts belonging to top government officials, including the former acting head of the Department of Homeland Security, the Associated Press reported.

In addition to then-DHS Secretary Chad Wolf, hackers may have also gained access to the email accounts of senior members of the DHS's cyber division, which is responsible for identifying and rooting out foreign threats to the US's national security and cybersecurity infrastructure.

The SolarWinds attack was first detected in December, and US officials have since attributed the attack to Russian hackers, specifically the group Cozy Bear, which is part of Russia's foreign intelligence arm. The Biden administration is said to be planning to retaliate against Russia in the coming weeks through a "mix of actions seen and unseen." Russia has denied responsibility for the attack.

Security experts told Business Insider last year that the SolarWinds hack was the "most pristine espionage effort" in modern history and expressed shock that it happened right under the US's nose.

While public attention was focused on securing the 2020 election, hackers took the opportunity to wedge another door wide open, carrying out a devastating and months-long supply chain attack that could have exposed as many as 18,000 entities, and potentially more.

The hack targeted Orion, a type of network management software developed by the firm SolarWinds and distributed to thousands of clients. SolarWinds said a nation state was responsible for the hack and estimated that 18,000 Orion customers downloaded a malicious software update containing a backdoor that gave hackers access to their computer systems.

At least three state governments and multiple federal agencies were hacked, including the Pentagon, intelligence agencies, the state, commerce, and treasury departments, and the agency that manages the US's nuclear stockpile. The National Nuclear Security Administration said the attack was isolated to the business side of its network and did not affect critical infrastructure.

Republican Sen. Rob Portman reacted with alarm to the AP's revelation that Wolf and other senior DHS officials may have been targeted as part of the attack.

"The SolarWinds hack was a victory for our foreign adversaries, and a failure for DHS," Portman, who sits on the Senate Homeland Security and Governmental Affairs Committee, told the AP. "We are talking about DHS's crown jewels."

News of the far-reaching consequences of the SolarWinds hack comes as the US grapples with another sprawling cyberattack, believed to have been carried out by Chinese state-sponsored hackers, that affected Microsoft's email systems.

The attack may have affected as many as 30,000 organizations across the country, including small businesses, local governments, and, in some cases, military contractors.
