SolarWinds Hack May be Tip of Iceberg, Evidence of Multiple Hacks Found
On 12/17/20 at 12:46 PM EST
The United States cybersecurity agency says it has evidence of multiple ways in which a massive, months-long software supply chain attack might have infiltrated a wide range of public and private sector systems, in addition to known malware that infected software company SolarWinds.
The Department of Homeland Security s Cybersecurity and Infrastructure Security Agency (CISA) released a statement Thursday updating their assessment of the recently uncovered cyber incident perpetrated by a yet unidentified adversary labeled simply as an advanced persistent threat (APT) actor.
The announcement identified some of the Orion IT products believed to have been infected with hidden Trojans that found their way into the likes of the U.S. Treasury Department and the Department of Commerce, among other U.S. federal agencies.
Tues
day and welcome to Overnight Defense. I m Ellen Mitchell, and here s your nightly guide to the latest developments at the Pentagon, on Capitol Hill and beyond. CLICK HERE to subscribe to the newsletter.
THE TOPLINE: An active-duty U.S. soldier died last week from COVID-19, the Army confirmed Tuesday, marking the military’s second active-duty death and 14th death overall during the pandemic.
Sgt. Setariki Korovakaturaga, a 43-year-old soldier assigned to the 44th Expeditionary Signal Battalion, 2nd Theater Signal Brigade in Baumholder, Germany, died last Wednesday while en route to the hospital, U.S. Army Europe and Africa said in a news release.
“We see this even more strongly from the Chinese Communist Party, from the North Koreans as well,” Pompeo said. “It’s an ongoing battle, an ongoing struggle to keep our systems safe, and I’m very confident the United States Government will keep our classified information out of the hands of these bad actors.”
The federal government began its response to the attacks over the past weekend, with the months-long espionage effort discovered as part of investigation into the breach of cybersecurity company FireEye that was announced last week.
Bloomberg News reported Tuesday that National Security Advisor Robert O’Brien had cut short a trip to the Middle East and Europe to return to the U.S. and address the massive cybersecurity incident, and that O’Brien planned to convene “high-level” meetings to respond to the attack over the next few days.