Washington
The US Department of Energy said today said the security functions at the National Nuclear Security Administration(NNSA) was "not impacted" after confirming that it "found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department."
Watch:
The National Nuclear Security Administration(NNSA) manages the US nuclear stockpile.
On Monday, reports said that the US Department of Homeland Security(DHS) was targeted by hackers, however, the DHS denied the report. It had however added that "it was aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response."
The DHS said hackers reportedly broke into SolarWinds Orion IT products following a recent update as they gained access to internal communications. CISA Acting Director Brandon Wales said: "We urge all our partners -- in the public and private sectors -- to assess their exposure to this compromise and to secure their networks."
The DOE meanwhile confirmed that it was attacked in hacks of SolarWinds software. The federal agency said it was investigating a suspected Russian link. The DOE said that systems at the Commerce Department and Treasury Department have also been breached.
In a joint statement, FBI, Cybersecurity and infrastructure security agency(CISA) and Office of the Director of National Intelligence said it was "investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors."
"CISA took immediate action and issued an Emergency Directive instructing federal civilian agencies to immediately disconnect or power down affected SolarWinds Orion products from their network," it added.
"This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government," the statement added.
SolarWinds had earlier admitted that hackers had exploited a backdoor in an update of some of its software released between March and June.