Security News > 2020 > December > FBI, CISA officially confirm US govt hacks after SolarWinds breach
The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence.
The National Security Council has established a Cyber Unified Coordination Group following the SolarWinds breach to help the intelligence agencies better coordinate the US government's response efforts surrounding this ongoing espionage campaign.
Yesterday, BleepingComputer also reported that Microsoft, FireEye, and GoDaddy collaborated to create a kill switch for the SolarWinds backdoor deployed on compromised networks to force the malware to terminate itself.
The list of victims includes the US Treasury, the US Department of State, US NTIA, US NIH, DHS-CISA, and the US Department of Homeland Security.
SolarWinds' customer listing [1, 2] includes over 425 of the US Fortune 500, all top ten US telecom companies, the US Military, the US Pentagon, the State Department, NASA, NSA, Postal Service, NOAA, the US Department of Justice, and the Office of the President of the United States.
News URL
Related news
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- CISA warns of increased breach risks following Oracle Cloud leak (source)
- FBI: US lost record $16.6 billion to cybercrime in 2024 (source)
- Luna Moth extortion hackers pose as IT help desks to breach US firms (source)
- 'We still have embeds in CISA': CTO of Brit cyber agency talks post-Trump relationship with US counterpart (source)
- FBI: US officials targeted in voice deepfake attacks since April (source)
- Scammers are deepfaking voices of senior US government officials, warns FBI (source)
- Chinese hackers breach US local governments using Cityworks zero-day (source)
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations (source)
- Adidas warns of data breach after customer service provider hack (source)