ABC News December 13, 2020

US Treasury, Commerce Department breached, agency says

WATCH: US Treasury, Commerce Department breached, agency says

The U.S. Treasury Department and U.S. Department of Commerce were victims of a cyber breach, the agency and a source familiar with the breach confirmed to ABC News.

“We can confirm there has been a breach in one of our bureaus. We have asked CISA and the FBI to investigate, and we cannot comment further at this time,” the Commerce Department said in a statement Sunday.

A source familiar with the investigation tells ABC News it was a sophisticated attack and that very few entities are capable of such. Authorities are investigating and assessing who was behind the breach, which may reach beyond the Treasury and Commerce departments, but two government officials tell ABC News that Russia is believed to be behind the cyber intrusion.

MORE: Former Marine Paul Whelan speaks from Russian prison: ABC News exclusive

“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” NSC spokesman John Ullyot told ABC News.

The Cybersecurity and Infrastructure Security Agency, an arm of the Department of Homeland Security, told ABC News it is assisting with the investigation.

Patrick Semansky/AP
FILE - The U.S. Treasury Department building viewed from the Washington Monument, Wednesday, Sept. 18, 2019, in Washington. Hackers got into computers at the U.S. Treasury Department and possibly other federal agencies, touching off a government response involving the National Security Council. Security Council spokesperson John Ullyot said Sunday, Dec. 13, 2020 that the government is aware of reports about the hacks.

“We have been working closely with our agency partners regarding recently discovered activity on government networks. CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises.”

CISA offered an emergency directive Sunday night to “mitigate the compromise” of the software that is used by the Treasury and Commerce Departments and was compromised.

MORE: Russian state actors hacked systems containing election information in 2 states: Gov't officials

SolarWinds, the company which provided the software for these agencies, says it's working with the FBI and law enforcement to get to the bottom of the breach.

"We are aware of a potential vulnerability which, if present, is currently believed to be related to updates which were released between March and June 2020 to our Orion monitoring products," SolarWinds President and CEO Kevin Thompson said in a statement. "We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state."

MORE: Russia is 'amplifying' claims of mail-in voter fraud, intel bulletin warns

Under the Homeland Security Act, CISA can authorize emergency guidance to federal departments using the software to disconnect the software from their server.

“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” CISA Acting Director Brandon Wales said in a statement Sunday. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation.”