She said US Cybersecurity and Infrastructure Security Agency CISA: The large-scale attack against information technology management company SolarWinds has infected more systems than previously thought.
The agency explained that the widespread cyber espionage campaign, which was announced earlier this month, affects state and local governments, although it issued a few additional details.
The hacking campaign, which has used US technology company SolarWinds as a springboard to penetrate federal government networks, is affecting enterprise networks across federal, state and local governments, as well as critical infrastructure entities and other private sector enterprises.
The US Cybersecurity and Infrastructure Security Agency (CISA) said last week that US government agencies, critical infrastructure entities, and private companies were among those affected, but did not specifically mention government or local agencies.
Not confirmed yet Officially only a few federal government agencies are affected, including the US Treasury, Department of Commerce and Energy Department.
The US Cybersecurity and Infrastructure Security Agency (CISA) did not specify which state or local agencies were affected.
And Reuters reported earlier that Pima County, Arizona, was among the victims of the wave of incursions.
The chief information officer in the county previously told Reuters: that his team stopped the SolarWinds program as soon as the breach spread, and that investigators had not found any evidence of another breach.
Senior American officials and lawmakers claimed that Russia is responsible for the wave of hacking, and it is believed that the Russian Foreign Intelligence Service, SVR, is the one who carried out the hack. It is a charge denied by the Kremlin.
The agency is investigating signs of abuse of open standard tokens for exchanging authentication and authorization data between the identity provider and the SAML service provider, allowing various programs to connect and log on once to access various services.
SolarWinds says: between March and June of this year, nearly 18,000 of its customers received the software update that includes malware.
CISA said: The hacking enforcement agency has the resources, patience and expertise to access highly sensitive information and its privileges if left unchecked.