Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach

Washington CNN — After infiltrating US government computer networks early last year as part of the SolarWinds data breach, Russian hackers then turned their attention to the very people whose job was to track them down. Over the course of a few months, as US officials remained unaware of the breach, hackers identified a handful of key cyber security officials and analysts who would be among the first to respond once the hack was detected, so-called ‘threat hunters,’ and attempted to access their email accounts, according to two sources familiar with the matter. If that’s true, we need a complete housecleaning of all our defensive cyberoperations.” The assessment that hackers deliberately targeted DHS threat hunters, which has not been previously reported, underscores how the SolarWinds attack was among the most sophisticated cyberoperations ever conducted against the US, according to current and former officials. Hackers infiltrated email account of top Trump official Initial reports briefed to the Hill showed that around 30 email accounts at DHS were infiltrated as part of the SolarWinds breach, including that of former acting secretary Chad Wolf and former DHS Chief Information Officer Karen Evans, according to a Capitol Hill aide. “We are working closely across the federal government, Congress, and the private sector to continue making the necessary investments to defend the nation against malicious cyber activity.” While Neuberger is the most senior cyberofficial ever appointed in an administration, the unprecedented Russian breach and the massive Chinese hack of Microsoft Exchange servers underscore that two key, senior cyberpositions remain unfilled: the newly-created role of National Cyber Director, a position that is supposed to the President’s top adviser on all cyber issues, and the director of CISA inside DHS.