07/31/2021 10:19 AM
Updated 07/31/2021 10:19 AM
Russian cybercriminals behind the massive SolarWinds cyber espionage campaign infiltrated the email accounts of some of
the top federal prosecutors' offices
across the country last year, the United States Department of Justice reported.
The department reported that 80% of Microsoft email accounts used by employees at the four federal prosecutors offices in New York were hacked. In all, the Justice Department said
27 federal prosecutor's offices had at least
compromised during the hacking campaign.
The department said in a statement on Friday that the accounts appeared to have been compromised between May 7 and December 27, 2020. That period is notable because the SolarWinds campaign,
which infiltrated dozens of private sector companies and groups from experts
, as well as at least nine U.S. government agencies, was first discovered and published in mid-December.
In April, the government of President Joe Biden announced sanctions, including the expulsion of Russian diplomats, in response to the SolarWinds hack and Russian interference in the 2020 US presidential election.
Moscow denies wrongdoing Jennifer Rodgers
, a law school professor Columbia, said the office's emails frequently contained all kinds of confidential information, including discussions of case strategies and names of confidential informants, when he was a federal prosecutor in New York.
I don't recall someone bringing me a document
instead of emailing it to me for security reasons," he said, noting exceptions for classified materials.
The Administrative Office of the United States Courts confirmed in January that it was also infiltrated, giving SolarWinds hackers another entry point to steal confidential information such as trade secrets, spy targets, whistleblower reports and arrest warrants. .
The list of affected offices includes several large, high-profile offices such as those in Los Angeles, Miami, Washington, and the Eastern District of Virginia.
The attack on Kaseya
More than 200 companies that provide the internet were affected.
At the beginning of the month, cybercriminals carried out an extortionate cyberattack against the US company Kaseya just before the July 4 holiday long weekend, potentially affecting more than
1,000 companies through its IT management program.
The first direct consequence of the attack was that a large Swedish supermarket chain had to close more than 800 stores after its boxes were paralyzed.
At the moment it is difficult to estimate the true scope of the attack with
, a type of program that paralyzes a company's computer systems and then demands a reward in exchange for unlocking.
Por noticed around noon on Friday a possible incident in his VSA software, he assured that he had been able to circumscribe it
"to less than 40 clients worldwide."
But the latter provide services to other companies, allowing hackers to multiply their attack.
According to the computer security company Huntress Labs,
"more than 1,000 companies"
were affected by this ransomware.
"Based on the number of IT (information technology) service providers asking us for help and the feedback we see in this thread, it's reasonable to think it could impact thousands of small businesses," Huntress Labs notes in a
We have no data at this time on the number of companies affected,
" said Brett Callow, cybersecurity expert at Emsisoft.
But the scale of the attack is probably "unprecedented."
Based in Miami, Kaseya, which claims to have more than 40,000 customers, offers IT tools to businesses, including VSA software to manage the network of servers, computers and printers from a single source.
Joe Biden asked Vladimir Putin to act against cyberattacks carried out from Russia
New York launches cyber defense center in the heart of Manhattan