
The Department of Energy on Thursday said it had found malicious software related to the breach of contractor SolarWinds on the department's IT networks, making it the latest federal agency to be swept up in a hacking campaign reportedly tied to the Russian Federation.
And the U.S. is poorer for it.
Also, according to the Cybersecurity and Infrastructure Security Agency, the vulnerability in SolarWinds Orion software revealed in this attack is not the only way hackers have compromised multiple online networks.
In response to the threat, the FBI has launched investigations to "attribute, pursue, and disrupt the responsible threat actors", and CISA issued an emergency directive ordering federal civilian agencies to immediately shut down affected SolarWinds Orion products in their network. Security experts are calling it the biggest hack in a decade. The hack was first reported to have affected the U.S. Commerce and Treasury Departments, with Homeland Security also attacked.
The number of potential victims in the SolarWinds WorldWide LLC hack continues to rise today, as the U.S. Energy Department and National Nuclear Security Administration are believed to have been compromised - along with Microsoft Corp., though the software giant strongly denies it.
While President Donald Trump has yet to publicly address the hack, President-elect Joe Biden issued a statement Thursday on "what appears to be a massive cybersecurity breach affecting potentially thousands of victims, including U.S. companies and federal government entities". Dominion's CEO John Poulos told state lawmakers in Michigan on December 15 that the company has never used the SolarWinds Orion products.
In a statement on Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) warned that it might be hard to eliminate the malware completely through network software. The report added that after the hackers breached Microsoft, they then used Microsoft's own products in follow-on hacks against others. So, when the company sent software updates to government systems - similar to ones people receive on phones and computers.
"This is not 'espionage as usual,' even in the digital age", he wrote in a blog post.
Hackers believed to be working for the Russian Federation have been monitoring internal email traffic at US agencies in breaches being investigated by the Federal Bureau of Investigation. "We have no indication of this", Smith said. It said vulnerable software was disconnected from the DOE network to reduce any risk.
Warning that there is likely worse news to come, Brandon Hoffman, chief information security officer at IT service management firm Netenrich Inc. If so, they are now remarkably well situated. A partial customer listing that was taken offline showed that its customers include all five branches of the U.S. military, more than 425 of the U.S. Fortune 500, as well as the Office of the President of the United States.
Another US official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said the hack was severe and extremely damaging although the administration was not yet ready to publicly blame anyone for it.
A group led by CEOs in the electric power industry said it held a "situational awareness call" earlier this week to help electric companies and public power utilities identify whether the compromise posed a threat to their networks. SolarWinds said about 18,000 users downloaded the malicious update.