 |
| SolarWinds is linked to the hacking of US agencies |
American security company FireEye said: The hacker believed it was SolarWinds, a software company that invaded on behalf of foreign governments and then released malware-related updates to the Orion platform; To infect the networks of many US companies and government networks.
The FireEye report was released after Reuters reported a violation of the US Treasury and the National Communications and Information Administration (NTIA).
The attack on software company SolarWinds revealed how hackers gained access to the FireEye network earlier this month.
The Washington Post quoted sources as saying that several other government agencies had been affected.
Reuters reported that the incident was considered so serious that it led to a rare meeting of the National Security Council held at the White House on Saturday.
Sources who spoke to the Washington Post linked the hackers to APT29, a code name used by the cybersecurity industry to describe hackers associated with Russia's SVR, foreign intelligence agency.
In a security alert sent to customers, Microsoft also confirmed the SolarWinds hack and provided countermeasures to potentially affected customers.
Software company SolarWinds has published a press release acknowledging violations of Orion (a central software platform for monitoring and management).
The Orion platform is typically used on large networks to track all computing resources such as servers, workstations, cell phones, and IoT devices.
The software maker said: The updated version of the Orion platform, released from March 2020 to June 2020 from 2019.4 to 2020.2.1, is contaminated with malware.
The hacking movement does not appear to be targeting the United States specifically because the movement is pervasive and affects public and private institutions around the world.
The victims included a range of government agencies, advisers and technical agencies in North America, Europe, Asia and the Middle East. It is expected that there will be more victims in other countries and departments.
SolarWinds plans to release a new update on December 15th to address the vulnerability and make several other security improvements.