Security News > 2020 > December > US Treasury, Dept of Commerce hacks linked to SolarWinds IT monitoring software supply-chain attack
Kevin Thompson, SolarWinds president and CEO, said his company is "Aware of a potential vulnerability" that may have been in "Updates which were released between March and June 2020 to our Orion monitoring products."
The vandalized SolarWinds code is said to have been exploited by miscreants to sneak into networks within the US government bodies, among them the Treasury and the Department of Commerce's telecoms agency NTIA, where Orion is used.
The Washington Post also reported that not only were the government hacks made possible via SolarWinds' software, the attack was perpetrated by Russian hacking group APT29, aka Cozy Bear.
Long story short, this is a bad one and made worse by the fact that SolarWinds offers infrastructure monitoring but appears not to have been able to keep its own website and APIs clean.
SolarWinds says of its 300,000-plus customers, no more than 18,000 installed the backdoored update, which includes the US government.
News URL
Related news
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- US govt officials’ communications compromised in recent telecom hack (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)