Article
Cloud & Cybersecurity

US treasury among those hacked by suspected state actor

By William Smith
December 14, 2020
undefined mins
The United States has been forced to issue an emergency order after it was revealed that a number of departments had been hacked...

The United States has been forced to issue an emergency order after it was revealed that a number of departments had been hacked.

In an emergency directive issued by the cybersecurity arms of the US department of Homeland Security, the US told all federal agencies to disconnect from SolarWinds’ Orion platform. The directive read: “Affected agencies shall immediately disconnect or power down SolarWinds Orion products, versions 2019.4 through 2020.2.1 HF1, from their network. [...] Affected entities should expect further communications from CISA and await guidance before rebuilding from trusted sources utilizing the latest version of the product available.”

Orion is software used by both companies and government organisations to manage networks and systems. Responding to the news, its maker Solarwinds said on Twitter: “SolarWinds asks all customers to upgrade immediately to Orion Platform version 2020.2.1 HF 1 to address a security vulnerability.”

The incident follows on from news last week that intelligence security firm FireEye had been hacked, resulting in “Red Team assessment tools”, which FireEye uses to test its clients’ defences, being stolen, and led to an 8% drop in its share price.

As part of its investigation, the company now says it has revealed “a global campaign” to infiltrate the software supply chain, via SolarWinds’ Orion network monitoring product. Hackers managed to insert “malicious code” into software updates for the product that then gave attacks remote access.

In a blog post, FireEye CEO Kevin Mandia said: “Based on our analysis, we have now identified multiple organizations where we see indications of compromise dating back to the Spring of 2020, and we are in the process of notifying those organizations. Our analysis indicates that these compromises are not self-propagating; each of the attacks require meticulous planning and manual interaction. Our ongoing investigation uncovered this campaign, and we are sharing this information consistent with our standard practice.”

FireEyeUSCybersecuritySolarWinds
Share
Share

Featured Articles

How Intel AI is Powering the 2024 Paris Olympic Games

Intel's AI technology is set to transform the Paris 2024 Olympic and Paralympic Games, enhancing experiences for athletes, spectators and global audiences

OpenText’s Muhi Majzoub: Engineering Platform Growth with AI

At OpenText World Europe 2024, we heard from EVP & Chief Product Officer Muhi Majzoub about OpenText’s latest product developments and future outlook

Top 100 Women 2024: Tanja Rueckert, Bosch - No. 6

Technology Magazine’s Top 100 Women in Technology honours Bosch’s Tanja Rueckert at Number 6 for 2024

Tech & AI LIVE London: One Month to Go

Digital Transformation

OpenText CEO Roundtable: The Future of Safe Enterprise AI

Digital Transformation

Top 100 Women 2024: Julie Sweet, Accenture - No. 5

Digital Transformation