US Government Agencies Under Attack

Hackers broke into the networks of federal agencies including the Treasury and Commerce departments in attacks revealed only a few days after US officials warned that cyber actors linked to the Russian government were exploiting vulnerabilities to target sensitive data. 

The FBI and the Department of Homeland Security's cybersecurity arm are investigating what experts say appeared to be a large-scale penetration of US government agencies.

An emergency warning has been issued in the US that nation-state hackers have weaponised software used by almost all Fortune 500 companies, many federal agencies and a lot of other companies.

US government agencies have been hacked by attackers who used a flaw in updated software. The attack was on SolarWinds systems, the company has revealed. These systems are used by government within the Treasury and Commerce Departments. SolarWinds said that system monitoring products it released earlier this year may have been surreptitiously tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation state.”

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Emergency Directive in response to SolarWinds Orion products that are currently being hacked by malicious actors.

This Emergency Directive calls on all federal civilian agencies to review their networks for any effects of hacks and to disconnect or power down SolarWinds Orion products immediately. “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks... Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners, in the public and private sectors, to assess their exposure to this compromise and to secure their networks against any exploitation,” a CISA spokesman said.

This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.  

The statement came as the US intelligence community is urgently investigating breaches at several government agencies. 

The breach, which is currently believed to be the work of Russian state-sponsored hackers, is similar to the recent attack on leading cyber security firm FireEye, which said it had fallen victim to a recent hack. FireEye now says it has found many other victims, including government, consulting, technology, telecom and extractive entities in the US, EU, Europe, Asia and the Middle East.

FireEye disclosed that sophisticated attackers had breached its internal systems and targeted the data of its government customers. There was no evidence that any government information was stolen; however, the hackers did loot tools that could be used in attacks against other organisations.

FireEye said it believed the hacking campaign “may have begun as early as spring 2020 and is currently ongoing” after hackers managed to insert malware into SolarWinds software updates.
