Struck by the domino effect of a sophisticated cyberattack on federal government agencies, U.S. officials warned that this week’s extensive hacking campaign targeting U.S. companies and government agencies posed a “grave risk,” to the government.
“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” CISA said. “Removing the threat actor from compromised environments will be highly complex and challenging.”
INTERNATIONAL FRAUD RING: Two Texas residents busted in $26M international tire scheme
At the heart of this widespread hack is Austin-based IT group SolarWinds. The tech group has a customer base that includes government agencies and Fortune 500 companies, according to Bloomberg News’ William Turton. Thousands of businesses and U.S. government agencies may have been hit after downloading a compromised software update that contained a backdoor from SolarWinds, according to Bloomberg News. Hackers are suspected to have gained access to networks by installing malicious code within the software from SolarWinds.
Per Politico’s Eric Geller, SolarWinds estimates its infected malware has reached roughly 18,000 of its customers. According to security firm Volexity, it is believed that Russian hackers used the SolarWinds backdoor in the final of three intrusions into an unnamed American think tank.
Not only were federal agencies victims of the attack, three states were also breached, according to Bloomberg News. Russia has denied any involvement in the attack.
“This is a patient, well-resourced, and focused adversary that has sustained long duration activity on victim networks,” the CISA said.
CRN’s Michael Novinson notes a strange confluence of events prior to discovery of the backdoor—namely, that private equity firms disposed of more than 13 million shares of SolarWinds stock and appointed a new company CEO four days before the cyberattack on its software was revealed.
While President Trump has remained silent about the massive cyber hack, President-elect Joe Biden stated that cybersecurity would be a pressing priority for his administration.
“I want to be clear: My administration will make cybersecurity a top priority at every level of government–and we will make dealing with this breach a top priority from the moment we take office,” Biden said.
Source : chron.com