SolarWinds Hack May be Tip of Iceberg, Evidence of Multiple Hacks Found
On 12/17/20 at 12:46 PM EST
The United States cybersecurity agency says it has evidence of multiple ways in which a massive, months-long software supply chain attack might have infiltrated a wide range of public and private sector systems, in addition to known malware that infected software company SolarWinds.
The Department of Homeland Security s Cybersecurity and Infrastructure Security Agency (CISA) released a statement Thursday updating their assessment of the recently uncovered cyber incident perpetrated by a yet unidentified adversary labeled simply as an advanced persistent threat (APT) actor.
The announcement identified some of the Orion IT products believed to have been infected with hidden Trojans that found their way into the likes of the U.S. Treasury Department and the Department of Commerce, among other U.S. federal agencies.