“The D.O.D. is aware of the reports and is currently assessing the impact,” said Russell Goemaere, a Pentagon spokesman.
This was the second time in recent years that Russian intelligence agencies breached the Foreign Ministry’s email systems. Six years ago, officials struggled to get Russian hackers out of their unclassified e-mail systems and temporarily suspended the state’s communications with its own staff in order to clean up the system.
Then as now, Foreign Ministry officials refused to acknowledge that Russia was responsible. In an interview with Breitbart Radio News, Secretary of State Mike Pompeo generally denied the question, saying that “the Russians have consistently tried to break into American servers, not just those of government agencies but also those of companies. We see this even more strongly from the Chinese Communist Party, including the North Koreans. “
In fact, it was the Russians who were consistently the most effective, although in this case it was not clear which State Department systems they had extracted data from or how much. A State Department spokeswoman declined to comment.
Investigators also focused on why the Russians were targeting the Commerce Department’s national telecommunications and information administration, which is helping set guidelines for Internet issues, including setting standards and blocking imports and exports of technology considered national Security risk is considered. However, analysts noted that the agency deals with some of the most cutting-edge commercial technology and dictates what will be sold and denied to rival countries.
Almost all Fortune 500 companies, including the New York Times, use SolarWinds products to monitor their networks. This also applies to Los Alamos National Laboratory, where nuclear weapons are developed, and major defense companies like Boeing, which on Monday refused to discuss the attack.
The early assessments of the interventions – probably the work of the Russian S.V.R., a successor to the K.G.B. – suggest that the hackers were very selective about which victims they exploited for further access and data theft.