The news will likely only compound already growing concerns about the scale and scope of the data breach, which CISA says “poses a serious risk” to both public and private sector networks.
“CISA has determined that this threat represents a serious risk to the federal government and state, local, tribal and territorial governments, as well as to critical infrastructure entities and other private sector organizations,” said the alert issued by the agency. “CISA expects that removing this threat actor from compromised environments will be very complex and challenging for organizations.”
The agency also acknowledged that the hackers used “tactics, techniques and procedures that have not yet been discovered,” adding that it continues to investigate whether and how other intrusion methods may have been used since the campaign began months ago.
The analysis comes as the list of US agencies, private companies and other entities affected by the hacking campaign continues to grow.
Hours after the publication of the CISA alert, the US Department of Energy said it had evidence that hackers accessed some of its networks using the same malware associated with the ongoing data breach that already affects nearly half a dozen federal agencies.
The department maintains that the impact has “isolated commercial networks” and “has not affected the essential national security functions of the Department’s mission, including the National Nuclear Security Administration (NNSA),” which oversees the weapons arsenal. nuclear power of the nation.
Department of Energy spokeswoman Shaylyn Hynes also said that once the department identified its vulnerable software, “immediate steps were taken to mitigate the risk and all software identified as vulnerable to this attack was disconnected from the DOE network.” .