Security News > 2020 > December > FBI, CISA, ODNI Describe Response to SolarWinds Attack
The FBI has been tasked with collecting intelligence that can help attribute the attack to a threat actor and disrupt their activities.
The agency is also working with victims to obtain information that can be useful to the government and network defenders.
Shortly after the incident came to light, CISA issued an emergency directive, instructing federal agencies to immediately take action to detect attacks, collect forensic evidence, and eject the attackers from a compromised network.
SolarWinds provides IT management and monitoring solutions to 300,000 organizations worldwide, including governments, educational institutions and businesses.
While the U.S. government has not shared a list of impacted agencies, media reports say victims include the DHS, the Commerce Department, the Treasury, the Defense Department, the State Department, and the National Institutes of Health.
News URL
Related news
- CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks (source)
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- CISA and FBI: Ghost ransomware breached orgs in 70 countries (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- CISA flags Craft CMS code injection flaw as exploited in attacks (source)