SolarWinds Hack May be Tip of Iceberg, Evidence of Multiple Hacks Found
On 12/17/20 at 12:46 PM EST
The United States cybersecurity agency says it has evidence of multiple ways in which a massive, months-long software supply chain attack might have infiltrated a wide range of public and private sector systems, in addition to known malware that infected software company SolarWinds.
The Department of Homeland Security s Cybersecurity and Infrastructure Security Agency (CISA) released a statement Thursday updating their assessment of the recently uncovered cyber incident perpetrated by a yet unidentified adversary labeled simply as an advanced persistent threat (APT) actor.
The announcement identified some of the Orion IT products believed to have been infected with hidden Trojans that found their way into the likes of the U.S. Treasury Department and the Department of Commerce, among other U.S. federal agencies.
By Lauren C. Williams
Dec 09, 2020
The Defense Information Systems Agency has refreshed its three-year strategy to better emphasize cyber defense, the role of cloud and enterprise services. Because of the planning efforts we undertook in 2019, DISA was able to turn on a dime to support the Department of Defense and the whole-of-government response to the COVID-19 pandemic, said Navy Vice Adm. Nancy Norton, director of DISA and commander of Joint Force Headquarters-Department of Defense Information Network. But we had to accelerate implementation at a very rapid pace.
Technology solutions, such as the cloud-based internet isolation (CBII) browser, that emerged from the pandemic response are now foundational to DISA s strategy, which aims to provide a framework for what and how the agency acquires products and services in the coming years.