Dec. 22 (UPI) — State-sponsored hackers, believed to be Russian, broke into the emails of the Treasury Department’s most senior staff in a cyberattack the damage from which is still unknown, the top Democratic senator of the Senate finance committee said Monday.
Sen. Ron Wyden, D-Ore., announced in a statement following a briefing of the committee on Monday that the Treasury confirmed it “suffered a serious breach, beginning in July, the full depth of which isn’t known.”
Early last week, it came to light that suspected Russian hackers breached several federal agencies through infiltrating software developed by information and technology management company SolarWinds, which serves more than 300,000 customers, including five branches of the U.S. military, several federal departments and the office of the president.
The Treasury and the Departments of Homeland Security and Commerce were the first to confirm being breached in the attack, followed by the Energy Department and its National Nuclear Security Administration, which oversees the U.S. nuclear stockpile.
Wyden, citing Treasury officials, said the hackers had gained access to the email system, compromising dozens of email accounts of the department’s highest-ranking officials.
“The Treasury still does not know all the actions taken by hackers, or precisely what information was stolen,” he said.
Wyden said Microsoft, and not a federal agency, informed the Treasury of the breach.
The senator’s comments seemingly contradicted Steven Mnuchin, the secretary of the Treasury, who told CNBC’s Squawk on the Street earlier Monday that “third-party software” was to blame for the breach and that “we do not see any break into our classified systems.”
Mnuchin said unclassified systems were accessed but to little effect.
“I will say the good news is there’s been no damage, nor have we seen any large amounts of information displaced,” he said, adding the Treasury was cooperating with intelligence agencies and the National Security Council concerning the breach.
“I can assure you, we are completely on top of this,” he said.
President Donald Trump has been relatively quiet on the hack, mentioning it only over the weekend via Twitter to downplay its severity and attempting to deflect accusations from Russia to China while spouting widely discredited claims of voter fraud in the presidential election.
Secretary of State Mike Pompeo on Friday, before Trump’s statement, blamed Russia for the hack.
On Monday, Attorney General William Barr, who has resigned and is to step down on Wednesday, told reporters that he is in agreement with Pompeo.
“It certainly appears to be the Russians,” he said.
The attack was uncovered by cybersecurity firm FireEye, which described it as “top-tier operational tradecraft” consistent with “state-sponsored threat actors.”
The number of victims is unknown but includes government agencies, critical infrastructure entities and private sector organizations, it said.
Microsoft has identified at least 40 customers who were breached. Though 80% of those compromised were located in the United States, it identified victims in Canada, Mexico, Belgium, Spain, Britain, Israel and the United Arab Emirates.
Brad Smith, Microsoft’s president, said “it is certain” the number of victims will grow while the U.S. Cybersecurity and Infrastructure Security Agency warned that “it is likely” the hackers maintain additional initial access to systems that have yet to be discovered.
Sen. Deb Fisher, R-Neb., of the Senate armed services committee has called for the Department of Energy to brief them on the breach.