1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

US says Russia 'likely' behind massive agency hack

January 6, 2021

The intelligence agencies issued a joint statement saying the hacking was for the purpose of "intelligence gathering," rather than an attempt to disrupt operations. President Trump had previously placed blame on China.

https://p.dw.com/p/3nYLl
A file photo of a man typing at a keyboard
The US Treasury and Commerce departments were among those targeted in the cyberattackImage: picture-alliance/dpa/N. Armer

Top US national security agencies confirmed in a rare joint statement on Tuesday that a recent massive hack of government departments and corporations was "likely Russian in origin."

"This is a serious compromise that will require a sustained and dedicated effort to remediate,'' said the joint statement by the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency.

Their statement goes against President Trump's claims that China was responsible for the hack.

Ongoing threat

The agencies also said that the purpose of the hacks was "intelligence gathering," rather than an attempt to disrupt or damage government operations. They also said the Russian operation was ongoing, indicating that the threat was not over.

How did hackers compromise US government agencies?

The investigation is still under way. Russian officials have denied involvement, and did not immediately respond to questions, reported Reuters news agency. 

Hackers had breached systems early last year, and perhaps earlier. Cybersecurity firm FireEye was the first to detect the hack, in early December 2020.  

The statement by agencies said less than 10 government agencies had been affected, although the extent of hacking was not clear.

The Treasury and Commerce departments are among those known to have been affected.

Officials familiar with the case said the main target of hackers was email. Fewer than 50 companies had been compromised, and no classified data had been breached, as previously feared. 

tg/rs (AP, Reuters)