in

US treasury and commerce departments targeted in cyber attack

US treasury and commerce departments targeted in cyber attack

Logo of United States Treasury Department is seen in Washington, DC, United States on February 04, 2020

Getty Images

The US has issued an emergency order after revealing that its treasury and commerce departments had been hacked.

All federal civilian agencies have been told to disconnect from SolarWinds, a computer network tool that is being exploited by “malicious actors”.

The US has not publicly identified who is behind the attack.

The incident comes less than a week after cyber security firm FireEye disclosed that its hacking tools had been stolen in a breach.

In its order, the US Cybersecurity and Infrastructure Security Agency (Cisa) said the current hack had a high potential to compromise government systems.

Tech firm SolarWinds, which designed the tool, said on Twitter that users of its Orion platform should upgrade immediately to address a “security vulnerability”.

FireEye revealed in a blog post it had identified “a global campaign” from earlier this year to compromise the computer networks of private and public organisations by inserting malicious code into software updates.

The firm said this included updates to SolarWinds Orion, which give attackers remote access to the victims’ environment.

It added that the campaign demonstrated “top-tier operations tradecraft and resources” consistent with state-sponsored attackers.

Three people familiar with investigations into the most recent attack told Reuters news agency that Russia is believed to be behind the hack.

In a statement on Facebook, Russia’s foreign ministry described the allegations as “baseless”.

Published at Mon, 14 Dec 2020 08:19:58 +0000

What do you think?

Written by Riel Roussopoulos

Comments

Leave a Reply

Your email address will not be published.

Loading…

0

Sizewell C: Government in talks to fund £20bn nuclear plant

Blood donation: Rule change means more gay and bisexual men can give blood