FBI says significant cyberattacks on US federal agencies still underway, plans response

Calling the recent significant cyberattacks on US federal agencies “a developing situation”, FBI, CISA and ODNI jointly said on December 16 that they are putting together a unified response to the breaches while understanding its effect on the networks within the agencies. In a statement, late Wednesday (local time), Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence (ODNI) said that they have formed a Cyber Unified Coordination Group (UCG)  to coordinate the response of the entire government. 

Further, the federal agencies also said that the FBI is investigating the cyberattacks along with gathering the intelligence surrounding the same. As per the statement, the FBI is currently engaging with both known as well as the suspected victims of the attacks to take more actions. The joint statement came after a US media reported on December 13 that the US Department of Homeland Security was the third federal department to face a significant cyberattack. 

“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the statement said.

“As the lead for threat response, the FBI is investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors. The FBI is engaging with known and suspected victims, and information gained through FBI's efforts will provide indicators to network defenders and intelligence to our government partners to enable further action,” it added.

Read - What Happened To FBI Agent Jack Brennan? Find Out If Brennan Based On Real Person

Read - Iran Behind Abduction And Death Of Former FBI Agent Bob Levinson, Alleges US

CISA order on SolarWinds Orion IT products

Attached to the Department of Homeland Security or DHS, the CISA on December 12 reportedly ordered the federal agencies to stop using SolarWinds Orion IT products in the wake of the reports that cyberattackers had used a recent update to get access to internal communications. CISA Acting Director Brandon Wales had reportedly urged all agency partners in both private and public sectors to “assess their exposure to this compromise and to secure their networks.”

These hackers are reportedly believed to have targeted the US State Department, Joint Chiefs of Staff and the White House networks during the administration of former US President Barack Obama. The same Russian group is also reportedly thought to have carried out the break-in during 2016 US Presidential Election. 

Read - US Blames Iran In Abduction, Death Of Ex-FBI Agent Levinson

Read - 'Under The Rug:' Sexual Misconduct Shakes FBI's Senior Ranks