U.S. Attorneys Targeted in SolarWinds Hack

Posted: Aug 05, 2021
Reviewed: Feb 14, 2024

The year 2020 yielded a record number of data breaches. Among the most shocking of these was the infamous SolarWinds breach. The Texas-based company provided software to help organizations manage their systems. Its clients included the United States government, which bore the brunt of the brazen cyberattack.

Russian operatives compromised SolarWinds by adding malicious code to its software system. This enabled them to access government systems. What was even more damaging was that the hack went undetected for months, believed to be between early May and late December, giving the operatives a large window in which to compromise the systems.

The aftermath was far-reaching and required an expensive recovery sure to take over a year to complete. Even months after the attack was first reported, revelations about the full scope of the damaging data breach are still coming to light. The Department of Justice recently admitted that, among the many parts of the government affected, a number of U.S. Attorneys’ offices were compromised, with one state being the hardest hit.

U.S. Attorneys’ Offices Attacked

The Department of Justice stated in a press release that multiple United States Attorneys within several districts were affected in the 2020 SolarWinds hack. In all, 27 districts in fifteen states and the District of Columbia were involved in the cyberattack, including multiple districts within individual states such as California, Florida, Pennsylvania, and Texas.

In all the district offices involved, at least one employee’s email account was compromised. However, a single state suffered the most extensive breach. In New York State, the Northern, Southern, Eastern, and Western Districts were hit, meaning every district in the state was affected. What is more alarming is that the Empire State saw 80% of employees’ emails accessed in the breach.

It should be noted that the Southern District of New York includes Manhattan as well as the Bronx and some mainland counties, and is one of the busiest and most influential federal district courts in the United States. Known for being more independent than other federal courts, S.D.N.Y. has earned the nickname “Sovereign District of New York.”

It has also handled some major cases in its history, including claims following the sinking of the Titanic, the trial of Julius and Ethel Rosenberg, issues of expression through the press and the publication of James Joyce’s Ulysses, which was considered obscene, and the fraud case against Bernie Madoff.

Potential Information Compromised

Certainly S.D.N.Y. has a high level of prestige, clout, and name recognition around the United States. However, the nearby Eastern District of New York also serves the New York metropolitan area, including all of Long Island and Staten Island. The Eastern District was also heavily compromised in the cyberattack.

The information stored on district court computers, as well as that being shared via email, is frequently sensitive. A former federal prosecutor, Jennifer Rodgers, stated that information being sent via email included discussions of strategies and confidential names of informants.

Mitigation Strategy

The SolarWinds hack proved how vulnerable systems can be to a malicious party, and stressed the importance of a comprehensive data security policy within an organization. One aspect of such a policy is encrypted, offline storage that functions as a backup and as a means to transfer sensitive information between or among computers.

SecureDrive provides a number of options that can be used independently or in conjunction with each other to help create a thorough data security strategy. The encrypted portable drives and flash drives meet stringent regulations including HIPAA and CMMC Level 3, making them an excellent means of storing data offline without fear of hacking.

The BT drives can be further enhanced with Remote Management, which allows an administrator to control where drives can be used and within which time parameters. To add security against threats from within, SecureGuard is a means for an administrator to blacklist or whitelist devices, not only preventing data from potentially being stolen from a computer, but also blocking malware from entering via an infected device.


Philip Bader

After more than a decade in Southeast Asia as a reporter and editor for magazines, newspapers, and online media organizations, Philip Bader now serves as a freelance content writer for Secure Data Recovery Services. He writes blogs and web content about data storage technology, trends in enterprise data recovery, and emerging data storage technology.

© 2024 SecureData Corporation or its affiliates. All rights reserved.