US Government Agencies Under Attack

Uploaded on 2020-12-14 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Hackers broke into the networks of federal agencies including the Treasury and Commerce departments in attacks revealed only a few days after US officials warned that cyber actors linked to the Russian government were exploiting vulnerabilities to target sensitive data. 

The FBI and the Department of Homeland Security's cybersecurity arm are investigating what experts say appeared to be a large-scale penetration of US government agencies.

The US has been issued with an emergency warning that nation-state hackers have weaponise software used by almost all Fortune 500 companies and many federal agencies, and a lot of other companies.

US government agencies have been hacked by attackers that used a flaw in up-dated software. The attack was on SolarWinds systems which have been hacked, the company has revealed. These systems are the ones used by government within the Treasury and Commerce Departments that are system monitoring products it released in earlier this year may have been surreptitiously tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation state.”

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Emergency Directive, in response to SolarWinds Orion products that are currently being hacked by malicious actors. 

This Emergency Directive now calls on all federal civilian agencies to review their cyber networks for any effects of hacks and to disconnect or power down SolarWinds Orion products immediately.  “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks... Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners, in the public and private sectors, to assess their exposure to this compromise and to secure their networks against any exploitation.” a CISA spokesman said.

This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.  

The statement came as the US intelligence community is urgently investigating breaches at several government agencies. 

The breach, which is currently believed to be the work of Russian state-sponsored hackers, is similar to the recent attack on leading cyber security firm FireEye which said it had fallen victim to recent hack. FireEye now says is has found many other victims including government, consulting, technology, telecom and extractive entities in US, EU, Europe, Asia and the Middle East.

FireEye disclosed that sophisticated attackers had breached its internal systems and targeted the data of its government customers, though there was no evidence that any government information was stolen, however, the hackers did loot tools that could be used in attacks against other organisations.

FireEye said it believed the hacking campaign “may have begun as early as spring 2020 and is currently ongoing” after hackers managed to insert malware into SolarWinds software updates.

SolarWinds:      CISA:      Reuters:       Bloomberg:       USNews:       ABC7:    

You Might Also Read:

FireEye Attacked By A Foreign Government:

 

« Facebook Could Be Broken Up
Ethiopian Telecoms System Has Critical Security Flaws »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA)

The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing

Open Systems International (OSI)

Open Systems International (OSI)

Our innovative Operations Technology (OT) solutions are highly scalable and can be deployed by various utility companies to monitor, control and optimize their real-time operations.

Expanse

Expanse

Expanse SaaS-delivered products plus service expertise reduce your internet edge risk to prevent breaches and successful attacks.

InFyra

InFyra

InFyra is an IoT & Telecoms specialist consultancy, with extensive global and local experience in business and technology strategy, networks and solutions development.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

Responsible Cyber

Responsible Cyber

Protect yourself with Responsible Cyber’s 360° platform, IMMUNE, arming you with comprehensive support for your business.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

Acmetek Global Solutions

Acmetek Global Solutions

Acmetek is a Global Distributor and a Trusted Advisor of PKI /IOT & SSL Security Products and a Managed Services Company.

ConnectSecure

ConnectSecure

ConnectSecure (formerly CyberCNS) is a global cybersecurity company that delivers tools to identify and address vulnerabilities and manage compliance requirements.

LANCOM Systems

LANCOM Systems

LANCOM Systems is the leading European manufacturer of secure, reliable and future-proof networking (WAN, LAN, WLAN) and firewall solutions for the public and private sectors.

NSI Global

NSI Global

NSI Global is a specialist Global Risk and Intelligence Advisory Firm that has built a reputation for consistently managing complex projects.

Finesse Global

Finesse Global

Finesse is a global system integration and digital business transformation company.

Professional Labs

Professional Labs

Professional Labs specialize in simplifying complex problems for our customers with Cloud Services, Managed Services and Cyber Security.

IS4IT Kritis

IS4IT Kritis

IS4IT is your partner for the successful planning, introduction and implementation of company-specific information security concepts.

Teal Technology Consulting

Teal Technology Consulting

TEAL Technology Consulting is your trusted advisor for all your information security needs.

Lightpath

Lightpath

Lightpath is revolutionizing how organizations connect to their digital destinations by combining our next-generation network with our next-generation customer service.