US Energy Department says cyber hack limited to business networks

Share

Microsoft, the U.S. Energy Department and the National Nuclear Security Administration, which oversee the nation's nuclear weapon stockpile, were all reportedly targeted in the breach.

A surprisingly large percentage of the world's enterprise networks run it. Hackers backed by a nation state-two U.S. senators who received private briefings say it was Russia-managed to take over SolarWinds' software build system and push a security update infused with a backdoor. Certain federal investigators have reportedly spent the remaining last few days all trying to piece together exactly what happened.

"At this point, the investigation revealed that the malware was isolated only for corporate networks and did not affect the core national security functions of the Department's mission, including National Nuclear".

"When DoE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DoE network", she said.

However, the breach is far more serious than what many had imagined as the United States nuclear weapons agency was hacked too.

The Cybersecurity and Infrastructure Security Agency released a statement outlining countermeasures.

While President Donald Trump has yet to publicly address the hack, President-elect Joe Biden issued a statement Thursday on "what appears to be a massive cybersecurity breach affecting potentially thousands of victims, including USA companies and federal government entities".

The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) called the hacking campaign "significant and ongoing" and have formed a group called the Cyber Unified Coordination Group to respond to the hack.

Warning that there is likely worse news to come, Brandon Hoffman, chief information security officer at IT service management firm Netenrich Inc. The SolarWinds Orion platform was compromised. So, when the company sent software updates to government systems - similar to ones people receive on phones and computers. A report Tuesday added the State Department and National Institutes of Health to the list.

Not All iPhone 13 Models Will Have A 120Hz Display
It's worth mentioning, however, that Apple is also expected to use FaceID along with TouchID in iPhone 13. Back in January, we saw reports that signs of a new Apple TV were present in an iOS 13.4 beta.

CISA said on Thursday that the hacking campaign is larger than previously known and that the alleged foreign actors gained backdoor access in more ways than through the SolarWinds software.

The hack began in at least March 2020, and those responsible had "demonstrated patience, operational security, and complex tradecraft", the Cisa said.

CISA previously issued an emergency directive on December 13, ordering all federal agencies to immediately disconnect Solarwinds Orion products and check their networks for signs of compromise.

CISA did not identify who was behind the attack, but it has been widely reported that many suspect the Russian government is responsible, which, according to the BBC, has denied the claims.

Up to 18,000 SolarWinds Orion customers downloaded updates containing malicious software installed by hackers.

SolarWinds serves over 300,000 customers around the world. FERC regulates transmission of gas and power between states, but has no control over the USA or regional power grids.

While initially it was thought that SolarWinds was the only company that was under attack, soon reports started circulating that its government clients were the main target.

A screenshot of Dominion Voting Systems' website shows use of SolarWinds software.

Share