US Government Agencies Under Attack

Uploaded on 2020-12-14 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Hackers broke into the networks of federal agencies including the Treasury and Commerce departments in attacks revealed only a few days after US officials warned that cyber actors linked to the Russian government were exploiting vulnerabilities to target sensitive data. 

The FBI and the Department of Homeland Security's cybersecurity arm are investigating what experts say appeared to be a large-scale penetration of US government agencies.

The US has been issued with an emergency warning that nation-state hackers have weaponise software used by almost all Fortune 500 companies and many federal agencies, and a lot of other companies.

US government agencies have been hacked by attackers that used a flaw in up-dated software. The attack was on SolarWinds systems which have been hacked, the company has revealed. These systems are the ones used by government within the Treasury and Commerce Departments that are system monitoring products it released in earlier this year may have been surreptitiously tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation state.”

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Emergency Directive, in response to SolarWinds Orion products that are currently being hacked by malicious actors. 

This Emergency Directive now calls on all federal civilian agencies to review their cyber networks for any effects of hacks and to disconnect or power down SolarWinds Orion products immediately.  “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks... Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners, in the public and private sectors, to assess their exposure to this compromise and to secure their networks against any exploitation.” a CISA spokesman said.

This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.  

The statement came as the US intelligence community is urgently investigating breaches at several government agencies. 

The breach, which is currently believed to be the work of Russian state-sponsored hackers, is similar to the recent attack on leading cyber security firm FireEye which said it had fallen victim to recent hack. FireEye now says is has found many other victims including government, consulting, technology, telecom and extractive entities in US, EU, Europe, Asia and the Middle East.

FireEye disclosed that sophisticated attackers had breached its internal systems and targeted the data of its government customers, though there was no evidence that any government information was stolen, however, the hackers did loot tools that could be used in attacks against other organisations.

FireEye said it believed the hacking campaign “may have begun as early as spring 2020 and is currently ongoing” after hackers managed to insert malware into SolarWinds software updates.

SolarWinds:      CISA:      Reuters:       Bloomberg:       USNews:       ABC7:    

You Might Also Read:

FireEye Attacked By A Foreign Government:

 

« Facebook Could Be Broken Up
Ethiopian Telecoms System Has Critical Security Flaws »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Radiant Logic

Radiant Logic

Radiant Logic is a market-leading provider of federated identity solutions based on virtualization, and delivers simple, logical, and standards-based access to all identities within an organization.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

InPhySec

InPhySec

InPhySec is a leading New Zealand information, physical and cyber security company.

Augusta HiTech

Augusta HiTech

Augusta Hitech is a focused product development, software services and technology consulting company. Our Vision is to become the most socially impactful and innovative technology company in the world

Security Innovation Network (SINET)

Security Innovation Network (SINET)

SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

Cognyte

Cognyte

Cognyte are a market leader in security analytics software that empowers governments and enterprises with Actionable Intelligence for a safer world.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

Siren

Siren

Siren provides the leading Investigative Intelligence Platform to some of the world’s leading Law Enforcement, National Security and Cyber threat investigators.

ThreatDefence

ThreatDefence

ThreatDefence provides innovative SIEM, SOC-as-a-Service, and proactive cyber defence solutions to MSP’s and Enterprises.

inSOC

inSOC

inSOC is an enterprise-grade AI-driven SOCaaS solution detecting breaches 24/7 with vulnerability management built-in. Designed for MSPs and MSSPs.

ReachOut Technology

ReachOut Technology

ReachOut is a transformative approach to IT Security, Support, and Guidance. But we’re more than that. We’re passionate IT experts driven to make solutions to your problems.

Quantum Dice

Quantum Dice

Quantum Dice is an award-winning venture-backed spinout from Oxford University’s world-renowned quantum optics laboratory.

Relyance AI

Relyance AI

Relyance AI - One unified platform for privacy, security, & governance.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.