Homeland Security Officials Acknowledge Hackers Breached U.S. Agencies
STEVE INSKEEP, HOST:
U.S. cybersecurity officials had been preparing for Russian interference in the U.S. election. They say that kind of attack never came. The main disinformation instead came from the departing president. But it does appear that Russia was busy elsewhere. It was allegedly hacking U.S. government agencies that were not directly involved in the election. NPR national security correspondent Greg Myre is covering this story. Greg, good morning.
GREG MYRE, BYLINE: Good morning, Steve.
INSKEEP: What was hacked?
MYRE: Well, it looks like it was the Treasury and Commerce Departments. the leading suspect is the Russian Foreign Intelligence Service, known as the SVR. It's sort of the equivalent of the CIA in Russia. Russia has issued a statement denying this. But according to American authorities, it seems to have been going on for months and was only recently uncovered. We don't have many details at this point. But both the National Security Council and the Department of Homeland Security have acknowledged that a breach took place, and they say they're working to sort it out.
INSKEEP: Well, I'm trying to think through these couple of agencies. The Commerce Department supports American business, especially overseas. They oversee a variety of other things, like the census. The Treasury Department, of course, is deeply involved in the economy and the operations of the government. Is it understood what kind of information may have been stolen from those agencies?
MYRE: Well, we don't know precisely. We do know the email systems were hacked and - but as you note, was this just routine office email or was this some more valuable, important classified information with business and financial information that would be quite important? And then there's the larger concern - were other government departments hacked as well? We don't have an answer to that right now.
INSKEEP: Is it just random that Treasury and Commerce would be targeted?
MYRE: We don't know that. You know, they certainly have their own value if they were hacked. But there's certainly the expectation that other parts of the government would have been targeted as well. If the Russians or whoever was able to get in to those departments, they would look elsewhere. The Russians were responsible for a major breach back in 2014 and 2015, which included the White House and the State Department.
INSKEEP: Greg, one other thing - how, if at all, does this connect with other news from just a few days ago of another suspected Russian hack?
MYRE: Well, that previous report involved the cybersecurity firm FireEye, a major firm, that said it lost some of its valuable tools that it uses to look for security and when it checks out the networks of clients. The company said they believed it was a state-sponsored attack. And they didn't name Russia, but analysts say that was clearly the implication. And they are looking for links between these two attacks. One possibility seems to be that the hack was carried out through software updates that are widely used both in the U.S. government and in many private companies. So that seems to be what they're checking. Again, it speaks to Russia's ability to go after very hard, well-defended targets.
INSKEEP: Greg, thanks very much.
MYRE: My pleasure.
INSKEEP: That's NPR's Greg Myre.
NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.