Microsoft, which is helping investigate the hack, says it identified 40 government agencies, companies and think tanks that have been infiltrated.
MOTOROLA RADIO PROGRAMMING SOFTWARE RUSSIA MANUAL
The victims include government, consulting, technology, telecom and other entities in North America, Europe, Asia and the Middle East, according to the security firm FireEye, which helped raise the alarm about the breach.Īfter studying the malware, FireEye said it believes the breaches were carefully targeted: "These compromises are not self-propagating each of the attacks require meticulous planning and manual interaction." SolarWinds has some 300,000 customers, but it said "fewer than 18,000" installed the version of its Orion products that appears to have been compromised. The Department of Energy acknowledged its computer systems had been compromised, though it said malware was "isolated to business networks only, and has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration." Postal Service and the National Institutes of Health. government entities reportedly includes the Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the U.S. "It's as if you wake up one morning and suddenly realize that a burglar has been going in and out of your house for the last six months," said Glenn Gerstell, who was the National Security Agency's general counsel from 2015 to 2020. But those same agencies seem to have been blindsided by the hackers who have had months to dig around inside U.S. national security agencies made major efforts to prevent Russia from interfering in the 2020 election. Multiple countries have previously accused Russia of using hackers, bots and other means in attempts to influence elections in the U.S. The episode is the latest in what has become a long list of suspected Russian electronic incursions into other nations under President Vladimir Putin. In addition, CISA said that removing the malware will be "highly complex and challenging for organizations." Cybersecurity and Infrastructure Security Agency on Thursday delivered an ominous warning, saying the hack "poses a grave risk" to federal, state and local governments as well as private companies and organizations. Included are members of the Senate Armed Services Committee, where Chairman James Inhofe, a Republican from Oklahoma, and the top Democrat on the panel, Jack Reed of Rhode Island, issued a joint statement Thursday saying "the cyber intrusion appears to be ongoing and has the hallmarks of a Russian intelligence operation."Īfter several days of saying relatively little, the U.S. intelligence agencies have started briefing members of Congress, and several lawmakers have said the information they've seen points toward Russia. President Trump has been silent about the hack and his administration has not attributed blame. Russia's foreign intelligence service, the SVR, is believed to have carried out the hack, according to cybersecurity experts who cite the extremely sophisticated nature of the attack.
MOTOROLA RADIO PROGRAMMING SOFTWARE RUSSIA UPDATE
SolarWinds says that nearly 18,000 of its customers - in the government and the private sector - received the tainted software update from March to June of this year. Many federal agencies and thousands of companies worldwide use SolarWinds' Orion software to monitor their computer networks.
The hackers attached their malware to a software update from SolarWinds, a company based in Austin, Texas. Industry experts say a country mounted the complex hack - and government officials say Russia is responsible. government networks and private companies' systems around the world. The Pentagon is one of several government entities that have been part of a hack that hinged on a vulnerability in SolarWinds' Orion network monitoring products.īill Clark/CQ-Roll Call, Inc via Getty ImagĪ massive computer breach allowed hackers to spend months exploring numerous U.S.