The U.S. Treasury. (Sealy J. via Wikipedia/CC)
Network intrusions at the U.S. Commerce Department, the U.S. Treasury, FireEye and more all appear to be linked to subverted software updates for a network monitoring product called Orion, made by SolarWinds.
On Sunday, the U.S. Commerce Department confirmed it had been targeted by hackers, and the U.S. Treasury has also reportedly been struck. On Monday, new victims were added to the list: the Department of Homeland Security, State Department and National Institutes of Health, The Washington Post reports.
Reuters first reported the incidents, with the Post suggesting that a Russian hacking group known as Cozy Bear, aka APT29, is the source.