“The D.O.D. is aware of the reports and is currently assessing the impact,” said Russell Goemaere, a Pentagon spokesman.
This was the second time in recent years that Russian intelligence agencies had pierced the State Department’s email systems. Six years ago, officials struggled to get Russian hackers out of their unclassified email systems, at times shutting down State’s communications with its own staff in an effort to purge the system.
Then, as now, State Department officials refused to acknowledge that Russia had been responsible. In an interview with Breitbart Radio News, Secretary of State Mike Pompeo deflected the question with generalities, saying that there had “been a consistent effort of the Russians to try and get into American servers, not only those of government agencies, but of businesses. We see this even more strongly from the Chinese Communist Party, from the North Koreans, as well.”
In fact, it is the Russians who have been consistently most effective, though in this case it was not clear which State Department systems they had extracted data from or how much. A State Department spokeswoman declined to comment.
Investigators were also focused on why the Russians targeted the Commerce Department’s National Telecommunications and Information Administration, which helps determine policy for internet-related issues, including setting standards and blocking imports and exports of technology that is considered a national security risk. But analysts noted that the agency deals with some of the most cutting-edge commercial technologies, determining what will be sold and denied to adversarial countries.
Nearly all Fortune 500 companies, including The New York Times, use SolarWinds products to monitor their networks. So does Los Alamos National Laboratory, where nuclear weapons are designed, and major defense contractors like Boeing, which declined on Monday to discuss the attack.
The early assessments of the intrusions — believed to be the work of Russia’s S.V.R., a successor to the K.G.B. — suggest that the hackers were highly selective about which victims they exploited for further access and data theft.