The Division of Vitality says it was hacked in a suspected Russian marketing campaign


The U.S. Department of Energy building can be seen in Washington, DC on July 22, 2019.

ALASTAIR PIKE | AFP | Getty Images

The Department of Energy was hacked as part of a massive, ongoing campaign against the US government, a spokesman said Thursday. This is the last confirmed authority that Russian spies have violated.

A number of federal agencies have been hit by a massive month-long violation which officials believe is the work of Russian intelligence. The government needed to find out what was infected and how much information was stolen.

"The investigation is ongoing and the response to this incident is real-time," DOE spokeswoman Shaylyn Hynes said in a statement.

"At this point in time, the investigation revealed that the malware was only isolated for corporate networks and did not interfere with the department's essential national security functions, including the National Nuclear Security Administration," she said.

Much of the campaign came after the hacking of SolarWinds, an Austin, Texas-based company that has many government agencies and a number of large US companies as customers. The hackers put malicious code in software updates that bypassed federal cybersecurity scans.

The campaign is said to have started in early March at the latest and was released on December 8th when cybersecurity company FireEye, which also works for federal agencies, admitted it had been hacked. On Sunday, the US agency for cybersecurity and infrastructure released an emergency policy to uninstall the compromised version of the SolarWinds software.

DOE was first notified by CISA on Sunday and immediately disconnected its systems, said a federal official aware of the situation. The teams there are now working around the clock assessing what, if anything, has been exfiltrated, which can take weeks.

It was "one of the most subtle hacks" they have ever seen, the official said, calling the fact that the government only learned of the breach after a private company was hacked and has been "truly breathtaking" for months. ""

Hynes said in the department's statement that "measures were immediately taken to mitigate the risk and that any software identified as vulnerable to this attack has been disconnected from the DOE network."

Only one other federal agency, the Department of Commerce, has officially confirmed that it was hacked as part of the SolarWinds campaign. A number of other agencies, including the Homeland Security and Treasury departments, are also believed to have been injured.

On Wednesday, a joint statement from CISA, the FBI and the Office of the Director of National Intelligence said the campaign was "significant and ongoing".


Steven Gregory