US federal agency compromised in suspected APT attack

Emotional, Burning, Unlimited Tuned Laboratory

A sophisticated threat actor has gained access and has backdoored the internal network of a US federal government agency, antivirus maker Avast reported this week.

The security firm did not name the agency in its report, but The Record understands that the target of the attack was the United States Commission on International Religious Freedom (USCIRF).

According to its website, the USCIRF is tasked with monitoring the right to freedom of religion and belief abroad and then making policy recommendations to the President, Secretary of State, and US Congress.

The agency has a primary role in shaping US policy in regards to human rights violations and possible sanctions that the US may impose on misbehaving states, and as a result, it is very likely to have access to reports of current abuses across the world.

But despite the sensitive nature of the data it processes, Avast said in a report on Thursday that the agency was unresponsive after notifying it of a security breach of its internal network.