US treasury and commerce departments targeted in cyber attack

The US has issued an emergency order after revealing that its treasury and commerce departments had been hacked.

All federal civilian agencies have been told to disconnect from SolarWinds, a computer network tool that is being exploited by “malicious actors”.

The US has not publicly identified who is behind the attack.

The incident comes less than a week after cyber security firm FireEye disclosed that its hacking tools had been stolen in a breach.

In its order, the US Cybersecurity and Infrastructure Security Agency (Cisa) said the current hack had a high potential to compromise government systems.

Tech firm SolarWinds, which designed the tool, said on Twitter that users of its Orion platform should upgrade immediately to address a “security vulnerability”.

FireEye revealed in a blog post it had identified “a global campaign” from earlier this year to compromise the computer networks of private and public organisations by inserting malicious code into software updates.

The firm said this included updates to SolarWinds Orion, which give attackers remote access to the victims’ environment.

It added that the campaign demonstrated “top-tier operations tradecraft and resources” consistent with state-sponsored attackers.

Three people familiar with investigations into the most recent attack told Reuters news agency that Russia is believed to be behind the hack.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.