Austin-based SolarWinds at center of massive US government hack:
Hackers broke into the networks of the Treasury and Commerce departments as part of a global cyberespionage campaign. They accessed those networks by slipping malware into a SolarWinds software update, according to the global cybersecurity firm FireEye, which was also compromised.
The FBI and the Department of Homeland Security’s cybersecurity arm are investigating what experts and former officials said appeared to be a large-scale penetration of U.S. government agencies. Industry experts said it bore the hallmarks of Russian tradecraft.
“This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch.
The hacks were revealed less than a week after FireEye disclosed that foreign government hackers had broken into its network and stolen the company’s own hacking tools. Many experts suspect Russia is responsible. FireEye’s customers include federal, state and local governments and top global corporations.
The apparent conduit for the Treasury and Commerce Department hacks — and the FireEye compromise — is a hugely popular piece of server software called SolarWinds. It is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies who will now be scrambling to patch up their networks, said Alperovitch, the former chief technical officer of the cybersecurity firm CrowdStrike.
FireEye, without naming the breached agencies or other targets, said in a blog post that its investigation into the hack of its own network had identified “a global campaign” targeting governments and the private sector that, beginning in the spring, slipped malware into a SolarWinds software update.
The malware gave the hackers remote access to victims’ networks.
The IT monitoring software targeted—called Orion—is used by “hundreds of thousands of organizations globally,” The Associated Press (AP) reported on Sunday. SolarWinds says on its website its products are currently used by more than 300,000 customers spanning sectors including military, government, business and education.
According to its website, U.S. clients include the Pentagon, State Department, NASA, NOAA, National Security Agency (NSA), Postal Service, Department of Justice and the Office of the President of the United States. In addition, it lists all of the top five U.S. accounting firms and “hundreds” of universities and colleges across the world. Here is a partial list of customers:
That’s a lot of companies. But is Dominion Voting Systems a bigger target?
As you can see on the Dominion Voting Systems page, SolarWinds is displayed at the bottom of the login page. Interesting… The CISA is calling for all systems using SolarWinds to be powered down:
Emergency Directive 21-01 calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
So my question is: why isn’t Dominion powered down? Why are they allowing themselves to be open to hackers? Maybe they are trying to erase the corruption and lies of the 2020 election… We will have to see what happens from this: