Energy Dept., nuclear agency breached as part of massive cyberattack: report

Agencies within the Department of Energy, including the National Nuclear Security Administration (NNSA), were reportedly breached as part of a massive hack on an IT group that has hit almost a dozen federal agencies.

Politico reported Thursday that NNSA, which is charged with maintaining the nation’s nuclear weapons stockpile, had been hit as part of the nation state infiltration of SolarWinds software. The Washington Post on Sunday had attributed the attack to a prolific Russian military hacking group known as “Cozy Bear.”

Politico noted that other Energy agencies that found “suspicious activity” in their networks included the Federal Energy Regulatory Commission (FERC), the Sandia and Los Alamos national laboratories, the Office of Secure Transportation and the Energy Department’s Richland Field Office. According to the publication, more damage was done at FERC than at any of the other agencies.

A spokesperson for the NNSA declined to comment, referring The Hill to the Department of Energy, which did not respond to a request for comment on the cyber incident.

The Hill also reached out to the House Energy and Commerce and Senate Energy and Natural Resources panels, which have jurisdiction over the agencies. Politico reported that the Energy Department had begun the process of notifying committees of jurisdiction about the attack.

Other agencies hit as part of the massive espionage effort, which has been in progress since as early as March, include the Department of Homeland Security, the State Department, the Treasury Department, the Commerce Department, and branches of the Pentagon.