“The DOD is aware of the reports and is currently evaluating the impact,” said Russell Goemaere, a Pentagon spokesman.
This was the second time in recent years that Russian intelligence agencies breached the Foreign Ministry’s email systems. Six years ago, officials struggled to get Russian hackers out of their unclassified email systems and temporarily suspended the state’s communications with its own staff in order to clean up the system.
Then as now, Foreign Ministry officials refused to recognize that Russia was responsible. In an interview with Breitbart Radio News, Secretary of State Mike Pompeo generally denied the question, saying that “The Russians have consistently tried to break into American servers, not just those of government agencies but also of companies. We see this even more strongly from the Chinese Communist Party, including the North Koreans. “
In fact, it was the Russians who were consistently the most effective, although in this case it was not clear which State Department systems they had extracted data from or how much. A foreign ministry spokeswoman declined to comment.
Investigators also focused on why the Russians targeted the Ministry of Commerce’s national telecommunications and information administration, which is helping set guidelines for issues related to the Internet, including setting standards and blocking imports and exports from Technology considered a national security risk. However, analysts noted that the agency deals with some of the most cutting-edge commercial technology and dictates what will be sold and denied to rival countries.
Virtually all Fortune 500 companies, including the New York Times, use SolarWinds products to monitor their networks. This also applies to the Los Alamos National Laboratory, where nuclear weapons are developed, and large defense companies like Boeing, which on Monday refused to discuss the attack.
The early evaluations of the intrusions – presumably the work of the Russian SVR, a successor to the KGB – suggest that the hackers were very selective about which victims they exploited for further access and data theft.