The US authorities accused Russian hackers, who, according to American intelligence services, were involved in cyberattacks on the SolarWinds IT company at the end of 2020, of hacking the email of the country’s federal prosecutors. transfers Ministry of Justice of the country.
According to the agency, a hacker group from Advanced Persistent Threat (APT29), which, according to the US authorities, is associated with Russian intelligence, hacked Microsoft mail accounts from May 7 to December 27, 2020. Hacked underwent 27 offices of district attorneys in different states. As noted by the department, the offices of prosecutors in four counties of New York were hardest hit, where hackers gained access to the accounts of at least 80% of employees.
The hacker attack on SolarWinds became known in December last year.
“We can say pretty accurately that it is the Russians who are behind this activity,” former US Secretary of State Pompeo said at the time. How noted The New York Times, Pompeo – became the first from the administration of ex-President Trump to publicly declare the connection of this attack to Russia.
The attack itself lasted several months and affected dozens of government departments, including nuclear laboratories and the Pentagon, the Treasury and the Commerce Department. The US authorities announced their involvement in the attack by the hacker group APT29, or Cozy Bear, which, according to the American side, is linked to Russian intelligence. At the same time, Moscow denied all accusations of involvement in the hacking of computer networks.
On May 28, Microsoft recorded yet another massive hacker attack on US and foreign government agencies and think tanks.
“This week we saw cyberattacks by Nobelium attackers targeting government agencies, as well as research, consulting and non-profit organizations,” said then vice president Tom Burt.
According to him, the cyber attack targeted 3,000 mailboxes in 150 organizations working in the field of human rights protection. The main target of the attack was the United States, but at least 24 countries were affected.
A Microsoft spokesman argued that the first attack was the marketing system of the US Agency for International Development (USAID), after which the hackers were able to send emails with phishing links to different addresses, which downloaded malicious software to users’ computers. After that, hackers gained access to user data.