U.S. Cyber Experts Scramble to Assess the Scope of the ‘Hack of a Decade’ – By Kimberly Dozier (TIME) / Dec 18 2020
U.S. government cyber experts are working furiously in secure offices around the globe, sifting through computer traffic to figure out which federal systems have been penetrated in the sweeping cyber-spying attack that the FBI warned this week is “significant and ongoing.” Suspected Russian hackers have broken into sensitive U.S. government computer networks from the Pentagon to the Department of Energy, as well as top U.S. private businesses, rummaging around in them and likely reading emails and gathering data.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) called the attack, which started in March or possibly earlier, “a grave risk” to the U.S. government. Experts from both the government and top U.S. private firms compromised in the attack are taking whole sections of their computer networks offline or quarantining them for a deeper forensic dive to figure out what was copied or taken, and if the hackers left any malware code behind.
The hackers exploited a little-known but widely used software program called Orion made by cyber company SolarWinds, whose client list includes the Office of the U.S. President, the Pentagon, NASA, NSA, all five branches of the U.S. military and most of the Fortune 500 companies, including the top ten U.S. communications companies.
The Austin, Texas-based company removed its client list from its website after reporting the hack may have affected some 18,000 customers. The company says it has been “advised that the nature of this attack indicates that it may have been conducted by an outside nation state” and is urging clients to update their systems to remove the threat. The company did not immediately respond to request for comment. CISA referred to the attackers as “a patient, well-resourced, and focused adversary” adding that the Orion software vulnerability wasn’t the only way it attacked, but declining to share further details.
CONTINUE > https://time.com/5923056/cyber-attack-us-government/
