(Reuters) -Suspected Russian hackers who broke into U.S. government agencies also spied on less high-profile organizations, including groups in Britain, a U.S. internet provider and a county government in Arizona, according to web records and a security source.
More details were revealed on Friday of the cyber espionage campaign that has computer network security teams worldwide scrambling to limit the damage as a senior official in the outgoing administration of U.S. President Donald Trump explicitly acknowledged Russia’s role in the hack for the first time.
Secretary of State Mike Pompeo said on the Mark Levin radio show “I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”
Networking gear maker Cisco Systems Inc said a limited number of machines in some of its labs had been found with malicious software on them, without saying if anything had been taken. A person familiar with the company’s ongoing probe said fewer than 50 were compromised.
In Britain, a small number of organizations were compromised and not in the public sector, a security source said.
Shares in cyber security companies FireEye Inc, Palo Alto Networks and Crowdstrike Holdings rose on Friday as investors bet that the spate of disclosures from Microsoft Corp and others would boost demand for security technology.
Reuters identified Cox Communications Inc and Pima County, Arizona government as victims of the intrusion by running a publicly available coding script here from researchers at Moscow-based private cybersecurity firm Kaspersky. The hack hijacked ubiquitous network management software made by SolarWinds Corp. Kaspersky decrypted online web records left behind by the attackers.
The breaches of U.S. government agencies, first revealed by Reuters on Sunday, hit the Department of Homeland Security, the Treasury Department, State Department and Department of Energy. In some cases the breaches involved monitoring emails but it was unclear what hackers did while infiltrating networks, cybersecurity experts said.