Attack on SolarWinds’ Software Vulnerabilities Linked to Recent Hacking Incident in the U.S.

The Pentagon, the Department of Homeland Security, the Commerce Department, the Department of the Treasury, the U.S. Postal Service and the National Institutes of Health were among the federal agencies confirmed to have been affected by the latest cybersecurity breach, as disclosed by the government agencies and media reports. Experts are pointing to the Russian government as the alleged mastermind of the attack, which exploited security vulnerabilities in SolarWinds’ Orion software. The IT company has around 300 customers, comprising the federal government and hundreds of large U.S. companies, which mostly use Orion software to monitor their computer networks. Russia has denied the allegations.


Screenshot from Russian Embassy in USA Twitter

NPR.Org: The incident is the latest in what has become a long list of suspected Russian electronic incursions into other nations – particularly the U.S. – under President Vladimir Putin

Screenshot from NPR.Org

According to NPR.Org, the hack hinged on a vulnerability in a software monitoring product from SolarWinds, a company based in Austin, Texas. The company works widely with the federal government and hundreds of large U.S. companies. Many use SolarWinds’ Orion software to monitor their computer networks.

The incident is the latest in what has become a long list of suspected Russian electronic incursions into other nations – particularly the U.S. – under President Vladimir Putin. Multiple countries say Russia was previously found to have used hackers, bots and other means in attempts to influence elections in the U.S. and elsewhere.

To carry out the attack, hackers exploited the supply chain that SolarWinds uses to distribute software updates. The company said it has proof that when it sent updates to customers between March and June, the updates to the Orion products also included malware that gave hackers access.

The Hill: The Washington Post reported Sunday that a Russian military intelligence hacking group known as “Cozy Bear” was responsible.

Screenshot from The Hill

The Hill shared a report disclosed by Reuters that SolarWinds had been hacked by a nation state, and that the Treasury Department and a Commerce Department agency had been among those successfully breached. On Monday, reports emerged that the Department of Homeland Security (DHS) had also been successfully breached.

According to The Washington Post, a Russian military intelligence hacking group known as “Cozy Bear” was responsible. The same group was previously accused of hacking into the State Department during the Obama administration, and of targeting COVID-19 vaccine research earlier this year.

Secretary of State Mike Pompeo on Monday described the incident as a “consistent effort by the Russians to try to get into American servers, not only those of government agencies but of businesses” during an interview with Breitbart News Radio on SiriusXM Patriot.