Russian hackers broke into email accounts in 27 US attorneys’ offices over the course of seven months in 2020, the US Department of Justice announced Friday. It had been previously reported that multiple US federal government agencies, including the Department of Justice, had been breached through a third-party IT contractor called SolarWinds. But on Friday the department offered more detail, including the districts where one or more employees’ email accounts were accessed.
While every US attorney could make the case that their office handles sensitive case work, Friday’s update included offices that deal with some of the most complex financial and international criminal prosecutions, including the Southern District of New York, the Western District of Pennsylvania, and the Eastern District of Virginia. The Southern District of New York, for example, has handled past prosecutions related to former President Donald J. Trump, and is reportedly investigating Trump ally and former attorney Rudy Giuliani related to his efforts in Ukraine and his dealings with Russian figures to dig up dirt on President Biden and his family.
“The Department is responding to this incident as if the Advanced Persistent Threat (APT) group responsible for the SolarWinds breach had access to all email communications and attachments” within the breached accounts between May 7, 2020, and December 27, 2020, the agency said in a statement. This includes “all sent, received, and stored emails and attachments found within those accounts during that time.” Especially hard hit were the Eastern, Northern, Southern, and Western Districts of New York, where “at least 80 percent” of employees’ email accounts were breached, the agency said.
“APT” is cybersecurity industry and intelligence jargon for a group or groups belonging to or backed by a nation state that gain access to a target’s systems, maintain a presence there over a period of time, and carry out reconnaissance, espionage, sabotage, or other missions. In this case, the US government has formally accused the Russian Foreign Intelligence Service of being behind the attacks, a charge the Russian government has denied. In April the Biden administration announced sanctions on the Russian government over the attack.
Jennifer Rodgers, a lecturer at Columbia Law School and a former federal prosecutor in New York, told the Associated Press that these kinds of emails frequently contain all sorts of sensitive information such as case strategy discussions and names of confidential informants.