Major hack of US agencies may have started with software company SolarWinds


More details are emerging about the revelations that several US government agencies were hacked. The suspected Russian hack was enabled by a backdoor built into software from Austin-based IT firm SolarWinds, according to a report from The Wall Street Journal on Tuesday.

The access point was apparently SolarWinds’ Orion network management software. Once hackers added a backdoor to the Orion code, the “software connected to a server controlled by the hackers that allowed them to launch further attacks against the SolarWinds customer and to steal data,” reported the Journal. 

In a filing with the Securities and Exchange Commission on Monday, SolarWinds said the vulnerable Orion updates were delivered to customers between March and June, and as many as 18,000 customers may have downloaded the software. The Journal report, however, notes that “investigators expect the total number of victims to be much smaller.”

SolarWinds declined to comment.

The hack was spotted a few weeks ago “only when a private cybersecurity firm, FireEye, alerted American intelligence that the hackers had evaded layers of defenses,” according to The New York Times.


The Commerce Department confirmed the news of the hack over the weekend, with the Times reporting that other agencies including the State Department, the Pentagon and the Department of Homeland Security were also impacted. 

“We can confirm there has been a breach in one of our bureaus,” a Commerce spokesperson said on Sunday. “We have asked CISA and the FBI to investigate, and we cannot comment further at this time.”

CNET’s Steven Musil contributed to this report. 
