Security News > 2020 > December > FBI, CISA, ODNI Describe Response to SolarWinds Attack
The FBI has been tasked with collecting intelligence that can help attribute the attack to a threat actor and disrupt their activities.
The agency is also working with victims to obtain information that can be useful to the government and network defenders.
Shortly after the incident came to light, CISA issued an emergency directive, instructing federal agencies to immediately take action to detect attacks, collect forensic evidence, and eject the attackers from a compromised network.
SolarWinds provides IT management and monitoring solutions to 300,000 organizations worldwide, including governments, educational institutions and businesses.
While the U.S. government has not shared a list of impacted agencies, media reports say victims include the DHS, the Commerce Department, the Treasury, the Defense Department, the State Department, and the National Institutes of Health.
News URL
Related news
- CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- China is using AI to sharpen every link in its attack chain, FBI warns (source)
- CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks (source)
- FBI: US officials targeted in voice deepfake attacks since April (source)
- CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs (source)
- FBI warns of Luna Moth extortion attacks targeting law firms (source)
- CISA says SaaS providers in firing line after Commvault zero-day Azure attack (source)