Organizations Compromised in SolarWind Supply Chain Attack webpronews.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from webpronews.com Daily Mail and Mail on Sunday newspapers.
The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort.
The U.S. Department of Homeland Security (DHS), plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were caught up in the attack, FireEye said, which was carried out using a supply-chain attack targeting a SolarWinds network-management platform.
The Russian foreign-intelligence service is believed to be the culprit, people familiar with the matter told the Wall Street Journal. “Hundreds of thousands of government and corporate networks” have been opened to potential risk, making it a notable attack that goes far beyond the garden-variety espionage attempt, the sources said.
Russia s Cozy Bear fingered, FireEye details injected backdoor and says it s worldwide Share
Copy
Updated SolarWinds Orion IT monitoring platform has been compromised, and speculation is swirling it was used as a base camp by state-backed hackers to infiltrate major US government organizations.
Kevin Thompson, SolarWinds president and CEO, said his company is aware of a potential vulnerability that may have been in updates which were released between March and June 2020 to our Orion monitoring products. We believe that this vulnerability is the result of a highly sophisticated, targeted and manual supply chain attack by a nation state, he added. We are acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters. As such, we are limited as to what we can share at this time.