Updates to our Terms of Use

We are updating our Terms of Use. Please carefully review the updated Terms before proceeding to our website.

Login to CNS Plus Login to CasePortal
Tuesday, April 16, 2024
Courthouse News Service
Free Litigation Reports Find Judicial Opinions
Tuesday, April 16, 2024 | Back issues
Courthouse News Service Courthouse News Service

US Seizes 2 Domain Names Used in Cyberespionage Campaign

The Justice Department said Tuesday that it has seized two domain names used in a cyberespionage campaign that targeted U.S. and foreign government agencies, think tanks and humanitarian groups.

/ June 1, 2021
FILE - In this April 1, 2014, file photo, the headquarters for the U.S. Agency for International Development is seen in Washington. The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on U.S. and foreign government agencies and think tanks using an email marketing account of the U.S. Agency for International Development, Microsoft said, late Thursday, May 27, 2021. (AP Photo/J. David Ake, File)

WASHINGTON (AP) — The Justice Department said Tuesday that it has seized two domain names used in a cyberespionage campaign that targeted U.S. and foreign government agencies, think tanks and humanitarian groups.

The campaign was disclosed last week by Microsoft, which linked it to the same group of Russian intelligence operatives responsible for the massive SolarWinds intrusion that breached federal agencies and private corporations.

The company said over the weekend that it was “still not seeing evidence of any significant number of compromised organizations at this time." The White House on Friday similarly downplayed the cyber assault as “basic phishing,” in which hackers use malware-laden emails to access networks, and said U.S. agencies had largely fended it off.

Still, officials say the U.S. government's action on Friday was aimed at preventing any further exploitation of victims, though the Justice Department also warned that the hackers may have used additional backdoor accesses to get into networks between when the hacking first began and the time that the domains were seized.

“Last week’s action is a continued demonstration of the department’s commitment to proactively disrupt hacking activity prior to the conclusion of a criminal investigation,” Assistant Attorney General John Demers, the Justice Department’s top national security official, said in a statement.

He said the department would "continue to evaluate all possible opportunities to use our unique authorities to act against such threats.”

In the case disclosed last week, hackers gained access to an email marketing account of the U.S. Agency for International Development, and masquerading as the government body, targeted about 3,000 email accounts at more than 150 different organizations.

The company did not say what portion of the attempts may have led to successful intrusions but said that most were blocked by automated systems that marked them as spam.

___

By ERIC TUCKER Associated Press

Categories / Criminal, Government, Politics, Technology

Subscribe to Closing Arguments

Sign up for new weekly newsletter Closing Arguments to get the latest about ongoing trials, major litigation and hot cases and rulings in courthouses around the U.S. and the world.

Additional Reads

Loading...