US cybersecurity agency warns suspected Russian hacking campaign broader than previously believed

An alarming new alert issued by the Department of Homeland Security’s cyber arm Thursday revealed that Russian hackers suspected of a massive, ongoing intrusion campaign into government agencies, private companies and critical infrastructure entities used a variety of unidentified tactics and not just a single compromised software program.

Specifically, the Cybersecurity and Infrastructure Security Agency said it has determined that the SolarWinds Orion software vulnerability disclosed earlier this week is not the only way hackers compromised a variety of online networks — warning that in some cases, victims appeared to have been breached despite never using the problematic software.


The news will likely only compound already escalating concerns about the scale and scope of the data breach, which CISA said Thursday “poses a grave risk” to networks across both the public and private sector.

“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the alert issued by the agency said. “CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”

The agency also acknowledged Thursday that the hackers used “tactics, techniques and procedures that have not yet been discovered,” adding that it is continuing to investigate whether, and how, other intrusion methods may have been used since the campaign began months ago.

The analysis comes as the list of US agencies, private companies and other entities affected by the hacking campaign continues to increase.

Hours after the CISA alert was released, the US Energy Department said it had evidence that hackers accessed some of its networks using the same malware associated with the ongoing data breach already impacting almost half a dozen federal agencies.

The department maintains that the impact has been “isolated to business networks” and “has not impacted the mission essential national security functions of the Department, including the National Nuclear…