Agencies within the Department of Energy (DOE), including portions of the agency charged with maintaining the nation’s nuclear weapons stockpile, were breached as part of a massive hack on an IT group that has hit almost a dozen federal agencies, officials said Thursday.
DOE spokesperson Shaylyn Hynes confirmed to The Hill that “business networks” for the National Nuclear Security Administration (NNSA) were impacted as part of the infiltration of SolarWinds software. The spokesperson said the department is responding to the cyber incident “in coordination with our federal and industry partners. The investigation is ongoing and the response to this incident is happening in real time.”
“At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration (NNSA),” Hynes added in a statement. “When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.”