The Pentagon, State Department, NASA, National Security Agency (NSA), Postal Service, NOAA, Department of Justice, and the Office of the President of the United States are clients of SolarWinds.įireEye was one of the first security firms that investigated the incident. The threat actors carried out a highly-sophisticated supply chain attack: SolarWinds networking and security products are currently used by more than 300,000 customers worldwide, including government agencies, military offices, major US telecommunications companies, education institutions, and Fortune 500 companies. After the disclosure of the attack, CISA issued the Emergency Directive 21-01, calling on all federal civilian agencies to review their networks for indicators of compromise power down SolarWinds Orion products immediately. The situation immediately appeared critical. Back in December, the SolarWinds supply chain attack made the headlines when a Russian cyber espionage group tampered with updates for SolarWinds’ Orion Network Management products that the IT company provides to government agencies, military, and intelligence offices.Ī report published by the Washington Post, citing unnamed sources, attributes the attacks to the Russia-linked APT29 cyberespionage group (aka Cozy Bear).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |