The CEO of cybersecurity company FireEye said they appeared to be trying to steal information from government clients.
Hackers who targeted the federal government appear to be part of a Russian intelligence campaign aimed at multiple U.S. agencies and companies, including the cybersecurity company FireEye, officials said Sunday.
A Commerce Department spokesman confirmed a breach, saying it occurred at an unidentified bureau.
Department officials alerted the FBI and a cybersecurity agency within the Department of Homeland Security, the spokesman said, declining to comment further.
The White House National Security Council also confirmed that it was looking into another potential intrusion at the Treasury Department after Reuters reported that foreign government-backed hackers accessed internal government emails.
The Washington Post first reported that the hacks were carried out by Russia’s Foreign Intelligence Service, or SVR.
Among the SVR’s targets was FireEye, a major U.S. cybersecurity company with extensive government contracts, The Post reported. The company’s CEO said last week that it had been hacked “by a nation with top-tier offensive capabilities.”
A private cybersecurity official briefed on the matter confirmed the SVR’s involvement to NBC News.
FireEye CEO Kevin Mandia said the hackers’ primary goal appeared to be to steal information from the company’s government clients.
It wasn’t clear how much information the hackers accessed, although the company said they obtained tools used by FireEye’s Red Team, the section tasked with defending against new cyberattacks.
The Post reported that the Commerce Department breach targeted Solar Winds, an information technology system used by tens of thousands of organizations. NBC News hasn’t independently confirmed the report.
The FBI and the National Security Agency declined to comment Sunday.
In a statement, the Homeland Security Department’s cybersecurity agency said it was investigating “recently discovered activity on government networks.”
The agency said it was providing technical assistance to help blunt potential compromises.