She said a company American security FireEye: Hackers believed to be acting on behalf of a foreign government broke into the software company SolarWinds and then published a malware-related update to the Orion platform in order to infect the networks of several US companies and government networks.
The FireEye report comes after Reuters reported an occurrence Hacked by the US Treasury and NTIA’s National Communications and Information Administration.
The attack against software company SolarWinds reveals how Earlier this month, hackers gained access to the FireEye network.
The Washington Post quoted sources who claimed that several other government agencies were also affected.
Reuters reported that the incident was considered so serious that it led to a rare meeting of the US National Security Council at the White House, the day before, on Saturday.
Sources who spoke to the Washington Post linked the hack to a group APT29This is the codename used by the cybersecurity industry to describe hackers associated with the Russian Foreign Intelligence Service (SVR).
In security alerts sent to customers, Microsoft also confirmed the penetration of SolarWinds and provided countermeasures to customers who may have been affected.
The software company SolarWinds is published Press release He admits to breaching Orion, a software platform for centralized monitoring and management.
Typically, the Orion platform is used in large networks to track all IT resources, such as: servers, workstations, mobile phones, and IoT devices.
The software company said: The update versions of the Orion platform from 2019.4 to 2020.2.1, released between March and June 2020, are contaminated with malware.
The hacking campaign does not appear to be targeting the United States specifically The campaign is widespread and affects public and private institutions around the world.
The victims included a range of governmental, advisory and technical entities in North America, Europe, Asia and the Middle East, and it is expected that there will be additional victims in other countries and sectors.
SolarWinds plans to release the new update, which replaces the breach issue and provides many additional security improvements, on December 15th.