The "SolarWinds" hacking campaign which reportedly originated in Russia and gained access to U.S. State Department and Department of Homeland Security files, also went after NASA and the Federal Aviation Administration, according to a new report from the Washington Post.
At a White House briefing on the hacks last week, security adviser Anne Neuberger explained that approximately 100 different companies, including the likes of Microsoft, and nine federal agencies had been "compromised" by the hackers.
The update was the first official word from the Biden administration on the damage dealt by the "SolarWinds" hacking campaign. At the time of Neuberger's briefing, it was public knowledge that the nine agencies included the State Department, DHS, and the Departments of Energy, Justice, Commerce, Treasury, and the National Institutes of Health.
Now, the Washington Post has identified the two of the remaining agencies that had not yet been named. After reaching out to U.S. officials, the paper revealed that NASA and the Federal Aviation Administration (FAA) had also been hacked.
A lot still unknown about "SolarWinds" hacking campaign
NASA told the Washington Post that they are working with the U.S. cyber agency CISA on "mitigation efforts to secure NASA’s data and network."
It is not clear what kind of access the hackers had to information from either of the agencies. However, officials previously stated that, any information stolen from federal agencies was unclassified and that operational systems were never accessed.
Though the fact that NASA and the FAA were targeted doesn't reveal a great deal about the "SolarWinds" hacking campaign, it is worrying to know that such important agencies were likely targeted for months without America's national security knowing.
Officials have said it will likely take months to conduct a full investigation into the hacking campaign, meaning we are still far from knowing the extent of the compromised information targeted by the hackers.