News

SolarWinds hackers were in US Department of Justice mailboxes

By admin
Spread the love

The hackers behind the supply chain attack on SolarWinds had access to emails from the US Department of Justice. According to the CIO of the ministry, criminals entered the Office 365 environment.

The discovery was made on December 24, but is only now coming out. On Christmas Eve, the chief information officer of the US Department of Justice discovered that criminal hackers were able to penetrate the Office 365 environment. The attackers had access to about three percent of all inboxes. According to the ministry, there are no indications that these are confidential systems, but it does not provide details.

The ministry does not say exactly how the criminals managed to get in, but it did say that it was related to the SolarWinds hack of mid-December. Then state hackers managed to penetrate various government agencies and companies through SolarWinds’ Orion network monitoring software. They could remain there undetected in the systems for a long time. Much is still unclear about the hack and one of the questions is how the hackers managed to circumvent the existing two-step verification of email accounts. In one case, the attackers were able to create a memory dump of servers running the Outlook Web App, and then retrieve an mfa key from Duo. It is not clear whether that has happened in this case. The ministry says it has closed access to the hackers.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Citrix warns of critical vulnerability in NetScaler ADC and Gateway

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory