Security News > 2020 > December > Another Massive Russian Hack of US Government Networks
The press is reporting a massive hack of US government networks by sophisticated Russian hackers.
One government official said it was too soon to tell how damaging the attacks were and how much material was lost, but according to several corporate officials, the attacks had been underway as early as this spring, meaning they continued undetected through months of the pandemic and the election season.
The attack vector seems to be a malicious update in SolarWinds' "Orion" IT monitoring platform, which is widely used in the US government.
SolarWinds' comprehensive products and services are used by more than 300,000 customers worldwide, including military, Fortune 500 companies, government agencies, and education institutions.
More than 425 of the US Fortune 500 All ten of the top ten US telecommunications companies All five branches of the US Military The US Pentagon, State Department, NASA, NSA, Postal Service, NOAA, Department of Justice, and the Office of the President of the United States All five of the top five US accounting firms Hundreds of universities and colleges worldwide.
News URL
Related news
- China-Linked Cyber Threat Group Hacks US Treasury Department (source)
- CISA says recent government hack limited to US Treasury (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
- HPE notifies employees of data breach after Russian Office 365 hack (source)
- A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) (source)
- Week in review: PostgreSQL 0-day exploited in US Treasury hack, top OSINT books to learn from (source)