US officials suspect Russian agents hacked into federal email systems

Widespread reports indicate that hackers, believed to be working for the Russian state, have breached US federal departments allowing them to monitor potentially sensitive email systems. On Sunday the Trump administration acknowledged reports that a cyberattack had been carried out on both the Treasury Department and the US Department of Commerce.

There has not yet been any official confirmation that the attack was perpetrated by the Russian state but sources have revealed that it is believed to be the work of a foreign government. Hackers working for the Russian foreign intelligence service have targeted American cybersecurity in the recent past and the FBI are investigating a group known as APT29, or Cozy Bear, in relation to attacks during the Obama administration.

Hackers breach government email systems

The news was first broken by Reuters who report that hackers working for a foreign government have gained access to email traffic of at least two key federal departments. At this stage officials believe that the attack focused on the Treasury Department and the Commerce Department’s National Telecommunications and Information Administration (NTIA). The latter is the government agency tasked with crafting internet and telecommunications policy.

In response to the reports, National Security Council spokesman John Ullyot confirmed that the White House was aware of and was addressing the breach: “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation.”

Little is known about the scale of the breach but one White House insider revealed that the National Security Council held a meeting at the White House on Saturday in response to the hack. The source went on to call the cyber-attack “highly sophisticated”, alleging that the hackers were able to trick the authentication controls on staff's Microsoft Office emails.

The FBI and CISA to investigate major cybersecurity breach

The Trump administration have said little in response to the news, other than to acknowledge that a breach had taken place, and the reason for the attack remains a mystery. However the amount of information accessed by outside agents is believed to be substantial, with David E. Sanger, national security correspondent for the New York Times, describing it as “perhaps among the largest, attacks on federal systems in the past five years”.

“We can confirm there has been a breach in one of our bureaus. We have asked CISA and the FBI to investigate, and we cannot comment further at this time,” a spokesperson for the Commerce Department told NBC News. At the time of writing neither CISA nor the FBI have commented on the matter.

The added attention on CISA, the Cybersecurity and Infrastructure Security Agency, could provoke some awkward questions for President Trump who fired former Director Chris Krebs just weeks ago. Krebs had been a vocal critic of Trump’s allegations of electoral fraud during the presidential election, using his agency's Rumor Control blog to dispel the President’s falsehoods.