The U.S. officials has revealed that Microsoft was included in the massive breach, but people familiar with the matter warned that it could just be the tip of the iceberg. The incidents affecting Microsoft and the software company SolarWinds Corp. may be just be a part of software supply chain attack that have been going on for months.
According to Reuters, the malware inflicted on Orion IT products are believed to have found their way into U.S. government agencies like the Defense and Energy Departments, including the National Nuclear Security Administration (NSSA) that manages the US nuclear weapons.
While software companies have already removed the link from those back doors to the hackers' computers, it is also possible that they installed other ways to keep their access. Thus, officials said security teams should use special channels for communicating to avoid hackers to know their detection and intervention actions.
Two Reuter sources revealed that government offices like FBI, Justice Department, and Defense Department are now using classified networks for routine communication as nonclassified networks are believed to have also been compromised.
President-elect Joe Biden said in a statement that he would "elevate cybersecurity as an imperative across the government" to further deter such major hacks. Meanwhile, members of the Congress demanded more information about the attacks. They will have a classified briefing on December 18 with the FBI and other agencies.
Among the hacked government agencies include the U.S. Energy Department and National Nuclear Security Administration (NSSA), which oversees the country's nuclear weapons. However, a spokesperson of the Energy Department said the malware "has been isolated to business networks only" and did not affect the U.S. national security, particularly the NNSA.
However, CISA urged investigators to be extra careful and not to assume organizations that did not use SolarWinds software updates are safe. CISA also noted that not all networks that hackers gained access were exploited. So far, it is known that cybercriminals have at least monitored the email system and other data of the Departments of Homeland Security, Defense, State, Commerce, and Treasury, but CISA continues to analyze other areas that attackers may have used.
Related article: SolarWinds Breach: FireEye Discovers More than 25 Firms Compromised
This is owned by Tech Times
Written by CJ Robles