National Institutes of Health Among Agencies Hacked In Cyberattack

The Washington Post: DHS, State And NIH Join List Of Federal Agencies — Now Five — Hacked In Major Russian Cyberespionage Campaign 
The Department of Homeland Security, the State Department and the National Institutes of Health on Monday joined the list of known victims of a months-long, highly sophisticated digital spying operation by Russia whose damage remains uncertain but is presumed to be extensive, experts say. The list of victims of the cyberespionage, which already included the Treasury and Commerce departments, is expected to grow and to include more federal agencies and numerous private companies, said officials and others familiar with the matter, who spoke on the condition of anonymity because it is under investigation. (Nakashima and Timberg, 12/14)

The Wall Street Journal: Suspected Russian Hack Said To Have Gone Undetected For Months 
On Monday the list of known impacted agencies grew substantially. The Department of Homeland Security, the National Institutes of Health and the State Department were all hacked as well, people familiar with the matter said. ... It couldn’t be learned how SolarWinds itself was hacked. The company said in its SEC filing that its Microsoft Office 365 email systems had been compromised and that this incident “may have provided access to other data contained in the company’s office productivity tools.” In a Sunday blog post, Microsoft said that it hadn’t identified any vulnerabilities in its products as a result of its investigation into the incident. (Volz and McMillan, 12/15)

Politico: 'Massively Disruptive' Cyber Crisis Engulfs Multiple Agencies 
Companies in critical infrastructure sectors have begun assessing their systems to see if they, too, were affected. Executives in the electric power sector held a “situational awareness call” on Monday, and the Department of Health and Human Services held a conference call Monday afternoon with health care organizations to explain the SolarWinds vulnerability, according to an invitation seen by POLITICO. (Geller, 12/14)

New York Post/Reuters: Russian Hackers Hit DHS, DoD, NIH, State Department
One of the people familiar with the hacking campaign said the critical network that DHS’ cybersecurity division uses to protect infrastructure, including the recent elections, had not been breached. DHS said it was aware of the reports, without directly confirming them or saying how badly it was affected. DHS is a massive bureaucracy among other things responsible for securing the distribution of the COVID-19 vaccine. (12/15)

The Washington Post: Russian Hack’s Sophistication Impresses Even The Experts
Some kinds of online aggression are “noisy,” almost certain to draw attention, as the multifaceted Russian attack on the 2016 presidential election was. And some are “quiet,” more reminiscent of the subtle spy-vs.-spy operations fictionalized in the novels by the great John le Carré, who died Dec. 12. The far-reaching Russian hack that sent U.S. government and corporate officials scrambling in recent days appears to have been a quietly sophisticated bit of online spying. Investigators at cybersecurity firm FireEye, which itself was victimized in the operation, marveled that the meticulous tactics involved “some of the best operational security” its investigators had seen, using at least one piece of malicious software never previously detected. (Timberg and Nakashima, 12/14)

And a cyberattack in Europe reportedly accessed vaccine documents from Moderna —

Reuters: Moderna COVID-19 Vaccine Documents Accessed In EMA Cyberattack 
Moderna Inc said on Monday it was informed by the European Medicines Agency (EMA) certain documents related to pre-submission talks of its COVID-19 vaccine candidate were unlawfully accessed in a cyberattack on the medicines regulator. The EMA, which assesses medicines and vaccines for the European Union, said earlier this month that it had been targeted in a cyberattack, which also gave hackers access to documents related to the development of the Pfizer Inc and BioNTech COVID-19 vaccine. (12/14)