US Justice Department Says Russians Hacked Its Federal Prosecutors (apnews.com) 45
In January America's federal Justice Department said there was no evidence that Russian hackers behind the massive SolarWinds breach had accessed classified systems, remembers the Associated Press. But today?
The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. All told, the Justice Department said 27 U.S. Attorney offices had at least one employee's email account compromised during the hacking campaign.
The Justice Department said in a statement that it believes the accounts were compromised from May 7 to Dec. 27, 2020. Such a timeframe is notable because the SolarWinds campaign, which infiltrated dozens of private-sector companies and think tanks as well as at least nine U.S. government agencies, was first discovered and publicized in mid-December... Jennifer Rodgers, a lecturer at Columbia Law School, said office emails frequently contained all sorts of sensitive information, including case strategy discussions and names of confidential informants, when she was a federal prosecutor in New York. "I don't remember ever having someone bring me a document instead of emailing it to me because of security concerns," she said, noting exceptions for classified materials...
The Associated Press previously reported that SolarWinds hackers had gained access to email accounts belonging to the then-acting Homeland Security Secretary Chad Wolf and members of the department's cybersecurity staff...
Re: (Score:2)
Ya, everyone knows that recurring news stories miraculously become false when you get tired of hearing them. How unoriginal.
Re: (Score:1)
Ya, everyone knows that recurring news stories miraculously become false when you get tired of hearing them. How unoriginal.
In WW2, they got tired of hearing about the Nasties, claimed it was Obama and Hillary and other libs with the fake news about the fake wars in Europe and the Pacific.
i think someone should stop (Score:1)
Re: (Score:2)
This is not direct fallout from SolarWinds. One of the breached companies via SolarWinds was Mimecast. As a result hackers got their mitts on a certificate which could be used for authentication across a giant set of USA and other NATO members government agencies. Everything from the DOJ to the UK parliament.
There is a different question here - why Mimecast was issuing end-certificates and not interim CAs each of which could be used only for their own organizations. That questi
Hacked? Yes, but... (Score:3, Interesting)
But are they "almost certain" it was the Russians?
Must be (Score:2)
It must be. Nobody else does any hacking, right?
Re: (Score:2)
It must be. Nobody else does any hacking, right?
So are you just a MAGA who works for Russia, or just support them because you want to drink liberal tears?
Let's face it - we're tired of you people, but we don't want to say you don't exist.
Anyhow, do not get the Covid vaccine under any circumstances.
Re: (Score:2)
we're tired of you people
I'm tired of people believing obvious propaganda like someone can prove a hack was carried out by a specific state, but what are you gunna do? At least you didn't suggest threatening to drop bombs like some of the more retarded "patriots" on here.
Yeah - if the internet has taught us one thing - it is that it is impossible to trace where internet traffic comes from. 8^/
Re: (Score:1)
Satanists helped, usually unwittingly.
Yeah (Score:3)
> But are they "almost certain" it was the Russians?
Um, yes.
We look at all of the available evidence. That evidence points to APT29, Cozy Bear. Someone will say "almost certain" if they weren't actually in the APT29 office while they were carrying this out, and they are pretty darn sure based on strong evidence.
If information security isn't your field, nor investigations, perhaps an analogy will give you a feel for it. Suppose you and your friends are big NFL fans. You and your buddies know all the stats
Re: (Score:3)
Yeah you actually identified the two differences accurately.
It is indeed a full time job (or half time, shared with other infosec responsibilities), so indeed we've done it "hundreds of times". Thousands, actually.
Figure on average 25 hours / week for five years = about 6,000 hours of experience doing it. So yeah that's different from someone trying it once. Very observant of you.
And yes, after watching them over and over, we give them a name, rather than using the name "Giants" or whatever name they chose
You know... (Score:5, Interesting)
I was one of those people who thought Hillary Clinton deserved more grief than she got about that mail server in her basement. But it's getting harder to argue that doing that sort of thing is any less secure than relying on the "official" services.
Maybe the feds should tear up their existing contracts and see how much ProtonMail would charge for hosting all federal email (and how long it would take them to scale up their infrastructure).
Re: (Score:3)
I was one of those people who thought Hillary Clinton deserved more grief than she got about that mail server in her basement. But it's getting harder to argue that doing that sort of thing is any less secure than relying on the "official" services.
Maybe the feds should tear up their existing contracts and see how much ProtonMail would charge for hosting all federal email (and how long it would take them to scale up their infrastructure).
It's the same story - Why bother with HIPAA, when the hospitals gave everyone's data away for free, and why even have a password on your computer? All the retailers gave everyone's financial data away for the asking. Why hack one computer when the low hanging fruit is already picked and ready to exploit?
Re: (Score:2)
Security and auditability are related but separate concepts.
That's what the missing-ten-thousand email scandal was about - a public official avoiding accountability.
And yes they should be secure but they use Exchange despite everything everybody knows about Exchange.
They could have funded a FLOSS Exchange replacement 20 years ago but that's what grift is for.
Ironically didn't the Secretary run an old OSX box in her bathroom closet? Postfix and courier imapd probably? Might have been more secure at one p
Re: (Score:1)
They could have funded a FLOSS Exchange replacement 20 years ago
FLOSS to the rescue again, huh? It's humans who are the weak link. They will unconsciously aid and abet the eventual penetration of any system because, in their ancient natures, they see the system as their enemy. That is why the systems must eventually enslave them, the end being their destruction, guided by the final priest class of humans.
Never ProtonMail! (Score:1)
The secure-less office. (Score:4, Interesting)
"I don't remember ever having someone bring me a document instead of emailing it to me because of security concerns," she said, noting exceptions for classified materials...
Maybe we should start doing that again for everything. If the Russians want their information they'll have to get it the old-fashioned way.
Sue them (Score:1)
Re: (Score:1)
It's the perfect system of governance, all the power, none of the responsibility.
Re: (Score:3)
Well, this is the Office of the United States Attorneys, the part of gov't that actually brings criminal charges.
So you're saying, just cut out the middle-man and have them bring charges against themselves? Hmm. Your ideas are intriguing to me and I wish to subscribe to your newsletter.
Re: (Score:1)
Encryption (Score:5, Insightful)
If e-mails containing sensitive information were encrypted (yes, even government using Microsoft stuff can do that), then would someone who got the e-mails be able to read them? Should be relatively hard without the key, right?
I'm just wondering if they were not following good practices on what should be encrypted.
Re: (Score:2)
Well if they "hacked the prosecutors" that implies they had access to their personal machines, and thus their encryption keys. Maybe they set a password but it was likely the same as the one that was compromised, or could be recovered by a keylogger.
Blame Microsoft (Score:3)
So don't blame the Russians
Blame Microsoft for the breaches.
Re: (Score:2)
So don't blame the Russians Blame Microsoft for the breaches.
You just used the "Those pretty girls and their sexy outfits - their fault they were sexually assaulted" defense!
Re: (Score:1)
So their security sucks badly too? (Score:4, Interesting)
Not really a surprise. However calling these primitive attacks "hacking" is basically a way to misdirect away from the abysmally bad security of the targets.
Re: (Score:2)
I'm just angry because these are the same people who turned their nose up at my private security services merely because I wasn't backed by a giant, unethical and massively porous megacorp.
Re: (Score:2)
Consulting customer once told us: "When I want a name on a paper, I use one of the big companies. When I want work done competently, I always use a small one."
Customers need to have some level of skill and insight as well or they will buy the wrong thing. Seems these people are severely lacking in that regard. Very typical for government people though.
Oh noes ist teh ruskies (Score:1)
for realz dis tiem
America Needs to Shut the Fuck Up About This Stuff (Score:3)
Re: (Score:2)
...at the dictator in Moscow to stop...
People think that it is like an omnipotent sultan in Moscow. It is far from the truth. It is an anarchy there where the government is just starting to tame it a bit.
Imagine an investigator arrives in a small town and everyone is part of the hacking group: mayor, police chief, judge, local elite, etc. It's like stopping drug trade on the Mexican-US border. Besides, these groups are spread into the neighboring countries.
What the US could do to stop the illegal hacking activity in those parts is to partici
Re: (Score:3)
Maybe if Russia got out of areas held occupied or hostage, like Crimea, Donbass, Transnistria, Georgia, and they demilitarized Kaliningrad, and stopped murdering people at home and abroad, stopped hacking neighbors' and others' critical infrastructure, started cooperating with, rather than low key warring with the West, there'd be immense collaboration, economic integration and good will toward them. They'd have more than a self serving military industry run on oil money. Putin and cronies try to compensate
Re: (Score:2)
... got out of areas held occupied or hostage..., and stopped murdering people ...
There are many disputed and controversial issues and territories in the world. And also in the USA: https://en.wikipedia.org/wiki/... [wikipedia.org] .
And well-known people get killed there quite often too. For example, the TikTok star was shot yesterday: https://www.nbcnews.com/news/u... [nbcnews.com]
These are difficult hard problems which could be tackled via dialog and constructive international cooperation.
Re: (Score:1)
Likely Target (Score:1)
The linked AP article explicitly states that "80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. All told, the Justice Department said 27 U.S. Attorney offices had at least one employee's email account compromised during the
US Justice Department Says Russians Hacked Its Fed (Score:2)