The attack is part of the huge SolarWinds hack that has hit other government agency systems and critical infrastructure. The US cybersecurity agency has warned it poses a serious risk.
Critical infrastructure were put at risk by the sophisticated attack that was hard to detect and will be difficult to undoImage: U.S. Department of Energy
Malware "has been isolated to business networks only," an Energy Department spokeswoman Shaylyn Hynes said in a statement.
Nukes not affected
She denied an earlier report by US media outlet Politico that the attack had impacted US national security, including the National Nuclear Security Administration, which manages the country's nuclear weapons stockpile.
Software that DoE officials identified as being vulnerable to the attack has been disconnected from the department's network, Hynes added.
The nation's cybersecurity agency on Thursday warned that the hack presented a "grave" risk to government and private networks.
Federal agencies and "critical infrastructure" were put at risk by the sophisticated attack that was hard to detect and will be difficult to undo, the Cybersecurity and Infrastructure Security Agency said in an unusual warning message.
Homeland Security, the agency's parent department, defines critical infrastructure as any "vital" assets to the US or its economy. This includes power plants and financial institutions.
'Cyberattacks are part of modern spy game'
03:49
This browser does not support the video element.
Fears over widespread network access
According to officials cited in the Politico report, hackers did more damage to networks at the DoE's Federal Energy Regulatory Commission, or FERC, than any other branch of the agency. It also said the department's Sandia and Los Alamos labs were hacked.
FERC regulates the transmission of gas and power between states but has no control over the US or regional power grids.
Senator Deb Fischer, a Republican who is the chair of the subcommittee that oversees nuclear forces, said she was confident in the security of US nuclear weapons but was "troubled" that hackers accessed NNSA's network.
The hack "reinforces the need to modernize our nuclear enterprise in order to ensure it remains safe, secure, and effective in the face of evolving threats," said Fischer, who has requested a briefing from the DoE.
Technologies that revolutionized warfare
Artificial intelligence (AI) experts have warned about the dangerous "revolution" that would occur if lethal autonomous weapons were developed. But what are some of the other inventions that revolutionized warfare?
Image: Getty Images/E. Gooch/Hulton Archive
Artificial Intelligence: 'Third revolution in warfare'
More than 100 AI experts have written to the UN asking them to ban lethal autonomous weapons — those that use AI to act independently. No so-called "killer robots" currently exist, but advances in artificial intelligence have made them a real possibility. Experts said these weapons could be "the third revolution in warfare," after gunpowder and nuclear arms.
Image: Bertrand Guay/AFP/Getty Images
Gunpowder
The "first revolution in warfare" was invented by the Chinese, who started using the explosive black substance between the 10th and 12th centuries to propel projectiles in simple guns. It gradually spread to the Middle East and Europe in the following two centuries. Once perfected, firearms using gunpowder proved to be far more lethal than the traditional bow and arrow.
Image: Getty Images/E. Gooch/Hulton Archive
Artillery
The invention of gunpowder also introduced artillery pieces to the battlefield. Armies started using basic cannons in the 16th century to fire heavy metal balls at opposing infantrymen and breach defensive walls around cities and fortresses. Far more destructive field guns were invented in the 19th century and went on to wreak havoc in the battlefields of World War I.
Image: picture-alliance/akg-images
Machine guns
Guns that fire multiple rounds in rapid succession were invented in the late 19th century and immediately transformed the battlefield. Machine guns, as they came to be known, allowed soldiers to mow down the enemy from a protected position. The weapon's grisly effectiveness became all too clear in WWI as both sides used machine guns to wipe out soldiers charging across no man's land.
Image: Imperial War Museums
Warplanes
Military thinkers did not ignore the invention of the first airplane in 1903. Six years later, the US military bought the first unarmed military aircraft, the 1909 Wright Military Flyer. Inventors experimented with more advanced fighter and bomber aircraft in the following years. Both became standard features in many of the national air forces established by the end of WWI.
Image: picture-alliance/dpa/dpaweb/U.S. Airforce
Mechanization
Armies had traditionally used soldiers and horses to fight and transport military equipment. But around WWI, they started using more machines such as tanks and armored vehicles. Faster and more destructive armies were the result. Nazi Germany put this new form of "mechanized warfare" to destructive effect in WWII using an attack strategy known as "Blitzkrieg" ("lightning war").
Image: ullstein bild - SV-Bilderdienst
Missiles
Although artillery was effective, it had a relatively limited range. The missile's invention in WWII suddenly allowed an army to strike a target hundreds of kilometers away. The first missile — the German V-2 — was relatively primitive, but it laid the foundation for the development of guided cruise missiles and intercontinental ballistic missiles (ICBM) capable of carrying nuclear warheads.
Image: picture-alliance/dpa
Jet engine
Jet aircraft first saw action alongside traditional propeller airplanes at the end of WWII. Jet engines dramatically increased an aircraft's speed, allowing it to reach a target quicker and making it far harder for an adversary to shoot it down. After WWII, military reconnaissance planes were developed that could fly higher than 25 kilometers (15.5 miles) and faster than the speed of sound.
Image: picture-alliance
Nuclear weapons
The "second revolution in warfare" announced its horrific arrival on August 6, 1945, when the US dropped the first nuclear bomb — "Little Boy" — on the city of Hiroshima in Japan, killing between 60,000 and 80,000 people instantly. In the Cold War that followed, the US and Soviet Union developed thousands of even more destructive warheads that raised the specter of a devastating nuclear war.
Image: Getty Images/AFP
Digitization
Recent decades have witnessed the ever more prevalent use of computers to conduct war. The devices made military communication quicker and easier and radically improved the precision and efficiency of many weapons. Armed forces have recently focused on developing cyber warfare capabilities to defend national infrastructure and attack foreign adversaries in cyberspace.
Image: picture-alliance/dpa
10 images1 | 10
What do we know about the SolarWinds breach?
Hackers accessed federal agencies through holes in software from US-based company SolarWinds. Malicious code was hidden in updates to its Orion software in March that could give hackers the same views as in-house IT crews. Some 18,000 SolarWinds' clients are thought to have downloaded the compromised updates.
The Department of Homeland Security said on Thursday the hackers also used other techniques to gain access to networks.
In addition to the DoE, two federal departments, the US Treasury and the Department of Commerce, have been hit.
Further US government departments, including the Defense and Justice departments, are assuming that the nonclassified networks have been accessed.
Advertisement
Microsoft also affected
Microsoft on Thursday said it detected a malicious version of the software from SolarWinds inside the company. Its investigation so far showed no evidence hackers had used Microsoft systems to attack customers, reported news agency Reuters.
"Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed," a Microsoft spokesperson said, adding that the company had found "no indications that our systems were used to attack others."
