Sunday, February 16, 2025

SolarWinds Hackers Accessed Emails of US Department of Homeland Security (DHS) Officials


Officials of the US Department of Homeland Security (DHS) have recently joined the list of victims of the SolarWinds attack. The DHS is an administrative department of the United States federal government.

This department is accountable for public safety, similar to the central ministries of other countries. After an investigation, cybersecurity analysts learned that the cybercriminals had gained access to the email accounts of key members of DHS, including Secretary Chad Wolf.

According to reports, the DHS is one of the latest victims of the SolarWinds Worldwide LLC hacking attack. The agency has again reported that it suspects a Russian hacking group of carrying out this attack.

The agency also asserted that the hackers had accessed the email accounts of all senior DHS officials, including Chad Wolf, the Secretary of Homeland Security.

New Disclosures

After learning of the attack, security researchers concluded that this complex operation poses a severe risk to critical infrastructure.

The attack also indicates that the damage will be complex and that, as time passes, there will be more victims. Moreover, the threat actors also targeted various high-profile leaders of other agencies.

The list includes a member of the White House advisers and former Energy Department Secretary Dan Brouillette. In addition, the newly leaked information implies that the damage was considerably worse than previously thought.

These attacks have exposed all kinds of sensitive data. The analysts affirmed that the new data had not changed the policy of the White House, but the investigation indicates that the threat actors responsible for this attack belong to Russia.

Which Government Agencies Were Affected?

The government agencies affected by the SolarWinds hacking attack are listed below:

  • Homeland Security, State, Commerce and Treasury.
  • The National Institutes of Health.
  • The National Nuclear Security Administration.
  • Energy Department.
  • Commerce Department.
  • Treasury Department.

It is still not confirmed exactly how many companies and government departments have been affected or attacked by the SolarWinds hackers. However, according to a report by cybersecurity analysts, it was estimated last month that 18,000 companies were attacked.

Government agencies are trying their best to circumvent these attacks; however, the US government has agreed that a total of nine federal agencies and nearly 100 private sector companies were involved in the attack.


Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
