British security services are investigating whether Russian hackers gained access to confidential files in the UK following a major months-long security breach of US government agencies.
The National Cyber Security Centre (NCSC), part of GCHQ, said on Monday that it is probing potential security leaks after a Russian government-backed cyber crime group hacked into software developed by American business SolarWinds.
SolarWinds software is used by government departments including GCHQ, the Ministry of Defence, the Cabinet Office and the Ministry of Justice, according to a 2018 company document seen by The Telegraph.
Job adverts published online show that the Home Office is also an active user of Orion, the specific program which Russian hackers breached in March and used to view internal emails sent by the US Treasury and Commerce Department.
“Investigations are ongoing, and we are working extensively with partners and stakeholders to assess any UK impact,” an NCSC spokesman said on Monday.
Any intrusion into government systems by the hackers could have allowed them to quietly intercept government emails and documents inside some of the country’s most sensitive departments including the organisations which oversee the courts as well as the body which manages pilots’ licences.
The confirmation of the investigation comes after the US Cybersecurity and Infrastructure Security Agency issued a rare emergency directive on Sunday ordering US government agencies to “disconnect or power down” the SolarWinds Orion software.
The Department of Homeland Security’s cybersecurity arm warned of an "unacceptable risk" to the executive branch from a feared large-scale penetration of U.S. government agencies that could date back to mid-year or earlier.
"This can turn into one of the most impactful espionage campaigns on record," said cybersecurity expert Dmitri Alperovitch.
The NCSC spokesman said the organisation is working with FireEye, an American cybersecurity business which was itself hacked after a state-backed Russian hacking group known as “Cozy Bear” gained access to its servers using a vulnerability in the SolarWinds software.
Britain signed a million dollar deal with FireEye just weeks before the company disclosed the hack.
The Russian foreign ministry has denied carrying out the hack and described the allegations as another unfounded attempt by the US media to blame Russia for cyberattacks against US agencies.
A Home Office spokesman did not respond to a request for comment.
Свежие комментарии