Sep 21, 2024

DOJ & Federal Courts Report Email and Court Files Hacks Via SolarWinds Breach

by Diane Lilli | Jan 12, 2021

The US Department of Justice (DOJ) and the US federal courts announced on January 6 that both were hacked as a result of the earlier breach of SolarWinds, a network security management firm that worked inside the systems of multiple US government agencies. The breach also includes a suspected intrusion into the federal courts’ filing systems.

The newly reported breach of the DOJ and federal courts’ emails follows the recent explosive news that numerous government agencies and businesses had also been hacked for about four months without authorities noticing.

Leading up to these new hacking reports, government authorities announced on December 24 that hackers had broken into various SolarWinds systems during automatic updates occurring on those systems. The US Cybersecurity and Infrastructure Security Agency (CISA) then reported that the computer intrusion “poses a grave risk” to US federal, state, and local agencies, US companies, and organizations, since SolarWinds operates in so many sensitive government areas.

Two weeks later, two more agencies have reported being impacted by the earlier SolarWinds breach.

The DOJ released a statement saying that about three percent of its emails were most likely “accessed” in the SolarWinds cyberattacks as well.

The DOJ noted, “After learning of the malicious activity, the OCIO eliminated the identified method by which the actor was accessing the O365 email environment. At this point, the number of potentially accessed O365 mailboxes appears limited to around 3-percent and we have no indication that any classified systems were impacted.”

The DOJ said this breach is considered a “major incident” under the Federal Information Security Modernization Act (FISMA).

Launched in 2014, FISMA was created as an update to US government cybersecurity practices. Among numerous updates, FISMA codified the Department of Homeland Security’s (DHS) “authority to administer the implementation of information security policies for non-national security Federal Executive Branch systems, including providing technical assistance and deploying technologies to such systems.”

In a tersely worded statement on Wednesday, CISA said, “The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of US government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”

The second new breach under investigation was discovered inside the systems of the federal courts. A statement by the United States Courts said, “After the recent disclosure of widespread cybersecurity breaches of both private sector and government computer systems, federal courts are immediately adding new security procedures to protect highly sensitive confidential documents filed with the courts.”

New procedures were immediately put into effect for federal courts on January 6, including that they “accept highly sensitive documents only in paper form or on a secure electronic device, such as a thumb drive, according to new procedures announced Wednesday. Such documents should be stored in a secured stand-alone computer system and should not be uploaded to the Case Management/Electronic Case Files system, known as CM/ECF.”

In total, the SolarWinds breach has impacted about 250 federal agencies and US businesses.

Diane Lilli
Diane Lilli is an award-winning Journalist, Editor, and Author with over 18 years of experience contributing to New Jersey news outlets, both in print and online. Notably, she played a pivotal role in launching the first daily digital newspaper, Jersey Tomato Press, in 2005. Her work has been featured in various newspapers, journals, magazines, and literary publications across the nation. Diane is the proud recipient of the Shirley Chisholm Journalism Award.