Federal authorities are raising the alarm concerning a cyberattack on U.S. government agencies and other computer systems worldwide that may have been carried out by Russian hackers. Whoever carried out the attack, the nation’s cybersecurity agency warned that it was a “grave” risk to government and private networks.s.
The hack, which has been going on since at least as early as March 2020, at U.S. government agencies, is considered a “grave” threat to the government and private networks by our nation’s cybersecurity agency. In fact, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning that the scope of the attack targeting Homeland Security, Commerce, and Treasury departments was broader than initially thought.
(…) Tech giant Microsoft [who still hasn’t solved the BSOD problem], which has helped respond to the breach, revealed late Thursday that it had identified more than 40 government agencies, think tanks, non-governmental organizations and IT companies infiltrated by the hackers. It said four in five were in the United States — nearly half of them tech companies — with victims also in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.
“This is not ‘espionage as usual,’ even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world,” Microsoft said in a blog post.
Per the CISA, the attack targeted a vulnerability in a SolarWinds product used by more than 300,000 customers, including more than 400 of the U.S. Fortune 500 companies, five branches of the U.S. military, and the Departments of Defense, State and Justice, as well as the office of the president. The CISA issued an Emergency Directive instructing federal civilian agencies to immediately disconnect or power down affected SolarWinds Orion products from their network.
SolarWinds also issued an alert:
“The company on Sunday began alerting about 33,000 of its customers that an “outside nation-state” — widely suspected to be Russia — injected malicious code into some updated versions of its premier product, Orion. The ubiquitous software tool, which helps organizations monitor the performance of their computer networks and servers, had become an instrument for spies to steal information undetected.”
CISA officials did not respond to any questions on the matter, so it’s not yet clear what the agency meant when they said the hack was a “grave threat.” Something that makes their threat even more frightening.
I used to think that major Cyberwarfare and Cyberespionage attacks were part of the future—sadly the future is now.[mashshare]