OCR Warns of Global Supply-Chain Cyberattacks Via SolarWinds Orion (healthitsecurity.com)
Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg.
[...]
The cyber spies are believed to have gotten in by surreptitiously tampering with updates released by IT company SolarWinds, which serves government customers across the executive branch, the military, and the intelligence services, according to two people familiar with the matter. The trick - often referred to as a “supply chain attack” - works by hiding malicious code in the body of legitimate software updates provided to targets by third parties.
Russian Hackers Steal Data for Months in Global Supply Chain Attacks (infosecurity-magazine.com)
CISOs around the world whose organizations use SolarWinds’ Orion IT management platform are scrambling to patch the suite and look for signs of data theft after reports Sunday that recent security updates for the platform had been infected with malware. This led to numerous data breaches including last week’s embarrassing hack of security vendor FireEye.
It wasn’t immediately clear if this supply chain hack through SolarWinds is related to Sunday’s news that unnamed hackers broke into the networks of U.S. federal agencies responsible for deciding American internet and telecommunications policy, including the treasury and commerce department agencies.
18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack
Nation-state attackers used poisoned SolarWinds network management software updates to distribute malware; US government orders federal civilian agencies to immediately power down the technology.
In what may well turn out to be one of the most significant supply-chain attacks in recent years, a likely nation-state backed group compromised systems at SolarWinds and inserted malware into updates of the company's widely used Orion network management products that were released between March and June 2020.
In total, about 33,000 of SolarWinds' 300,000 customers, which include numerous government agencies, 499 of the Fortune 500 companies, and over 22,000 managed service providers, could have potentially received the compromised software updates. Some 18,000 organizations worldwide may have actually installed the poisoned software on their systems, SolarWinds said in an SEC filing Monday.