Hacking campaign targeted US energy, treasury and commerce agencies plus others. ‘Significant and ongoing’ cyber attack, suspected to be the work of Russia, poses a grave risk to ‘critical infrastructure entities’ as well.
The US government continues to reel from a large and sophisticated hacking campaign that affected top federal agencies, including the energy department, the treasury and commerce departments, and is even said to have targeted the agency responsible for the country’s nuclear weapons stockpile.
Authorities expressed increasing alarm over the hack, suspected to be the work of Russia, warning that it poses “a grave risk” to federal, state and local governments, as well as “critical infrastructure entities”.
In a statement on Thursday, the Cybersecurity and Infrastructure Security Agency (Cisa) also warned that it will be difficult to remove the malware inserted through network software.
“Removing this threat actor from compromised environments will be highly complex and challenging for organizations,” the agency said.
Thursday’s comments were the most detailed yet from the agency since reports of the hack emerged over the weekend. The US government on Wednesday confirmed that an operation by elite hackers affected its networks and said the attack was “significant and ongoing”.
The true scale of the breach is still unknown, but looks to have extended beyond the US government. On Thursday, Reuters reported that Microsoft was also hacked as part of the suspected Russian campaign, according to people familiar with the matter.
SolarWinds, the company behind the software targeted by hackers, said earlier this week that up to 18,000 of its more than 300,000 customers had downloaded the compromised software.
Hackers believed to be working for Russia introduced malware into SolarWinds’ popular network safety tool called Orion, which is used by numerous government agencies and large corporations.
The hack began as early as March, when malicious code was snuck into updates to Orion, which monitors the computer networks of businesses and governments for outages.
That malware gave the hackers remote access to an organization’s networks, including internal emails. The content the hackers sought to steal – and how successful they were – remains unclear.
SOURCE ⇒ THEGUARDIAN