US Treasury, Dept of Commerce hacks linked to SolarWinds IT monitoring software supply-chain attack

Kevin Thompson, SolarWinds president and CEO, said his company is "aware of a potential vulnerability" that may have been in "updates which were released between March and June 2020 to our Orion monitoring products."
The vandalized SolarWinds code is said to have been exploited by miscreants to sneak into networks within US government bodies where Orion is used, among them the Treasury and the Department of Commerce's telecoms agency NTIA.
The Washington Post also reported that not only were the government hacks made possible via SolarWinds' software, but the attack was perpetrated by Russian hacking group APT29, aka Cozy Bear.
Long story short, this is a bad one and made worse by the fact that SolarWinds offers infrastructure monitoring but appears not to have been able to keep its own website and APIs clean.
SolarWinds says that, of its 300,000-plus customers, no more than 18,000 installed the backdoored update, a group that includes the US government.