It's been a heck of a month for cybercriminals.

Two major cybersecurity firms had their lunch eaten by hackers

FireEye and SolarWinds were hacked. Up to 18,000 SolarWinds customers were affected by the attack, and FireEye had proprietary cybersecurity tools stolen.

Amongst those 18,000 customers were both the United States Federal Government and FireEye... wait a minute... are these two attacks connected? You better believe it!

Earlier this month, FireEye was hacked. The cybersecurity firm said the attack was sophisticated, so much so that they believed it to be the work of a foreign nation.

After breaching FireEye, attackers stole a collection of tools the company's Red Team uses to mimic cyberattacks with customers to help the customer better protect themselves. Some of the tools had already been shared with the public, while others were proprietary to the FireEye Red Team program and not publicly available.

As FireEye researched the breach, they came to realize it was connected to a compromised piece of software they had downloaded and installed from a business partner, SolarWinds. “We looked through 50,000 lines of source code, which we were able to determine there was a backdoor within SolarWinds,” said Charles Carmakal, senior vice president and chief technical officer at Mandiant, FireEye’s incident response arm, in a recent interview with Bloomberg. (Read Here)

Back in March, hackers compromised two software updates to Orion, a SolarWinds product that's billed as a scalable, one-stop-shop IT monitoring software. The versions, 2019.4 HF 5 through 2020.2.1, were deployed between March and June of this year. Hackers used a very sophisticated manual supply chain attack to monitor the communications of the SolarWinds customers who had the versions installed. According to a recent court filing from SolarWinds (read here), the company estimates 18,000 of their customers had the compromised software installed.

Unsure, but currently we believe the attack was pulled off by a team known for working with the Russian Foreign Intelligence Service (SVR). I don't think the general public will ever get absolute confirmation that Russia was behind the attack, outside of what's already been said publicly.

So far it looks like they were monitoring internal communications. What's important is those emails belonged to people in the Department of the Treasury, Department of Homeland Security, and the Pentagon. Since the hackers are the ones who compromised the software to begin with, I assume they've had access to these emails for a long, long time.

The Cybersecurity & Infrastructure Security Agency (CISA. If you're unfamiliar with them, check out this article) has already told impacted government bodies via a release (Read Here) to disconnect the Orion products from their network. The breach was so significant for the Fed that the National Security Council held an emergency meeting to try and wrap their head around how damaging the breach was.

As for what should happen next, that's still up in the air.

If you're a SolarWinds customer and you're using the compromised software it might be a good idea to stop what you're doing and patch, patch, patch. SolarWinds released a fix for the issue yesterday. You can find out more about what you have to do here:

Maloney, Chairwoman of the Committee on Oversight and Reform, and Rep. Thompson, Chairman of the Committee on Homeland Security, will hold a joint hearing examining recent cybersecurity incidents affecting government and private sector networks, including the supply chain attack targeting SolarWinds Orion Software and other cyberattacks. The SolarWinds cyberattack, first uncovered in mid-December 2020 by FireEye, exposed vulnerabilities in our software supply chain, compromised numerous federal and private sector networks, and caused undetermined damage to our national security. On December 17, the Committees launched an investigation into the cyberattacks. On December 18, the Unified Coordination Group provided a classified Member briefing by telephone about the attacks.