Federal agencies in the United States have been hacked, and government communications may have been scrutinized by foreign powers.
The cyber attacks included the Us Treasury and Commerce departments, and the us government issued an emergency order asking federal agencies to suspend the use of a software.
All federal agencies have been instructed to stop using the SolarWinds Orion computer networking tool, which was the subject of a “malicious attack”.
FireEye, a company that provides cyber security services to the US government, said hackers broke into systems to steal cyber security tools.
Fireeye said it was a “massive global operation” that used “the highest levels of cyber attack technology and resources” and targeted governments, technology companies and telecommunications companies across North America, Europe, Asia and the Middle East.
Crosshead “Highly complex”
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued a order saying the current hack has the potential to compromise government systems.
SolarWinds, based in Austin, Texas, said 300,000 customers worldwide, including the US military, The Defence Department, the State Department and the Oval Office, and all Orion platform users, should immediately upgrade to address “safety concerns”.
The company said updates rolled out to maintain system security were ‘highly complex… A targeted attack, “possibly backed by a national government.
SolarWinds’ Orion software, which allows it workers inside corporate networks to gain remote access to computer systems, could be the “tip of the iceberg” for cyber attackers looking at internal Treasury emails. The security breach was far worse than thought.
Reuters reported that three people familiar with the investigation believe Russia is behind the attack.
But the Russian Foreign Ministry said in a statement on its Facebook page that the allegations were “baseless”.
The Department of Homeland Security has ordered all federal agencies to stop using and shutting down all devices and devices connected to the SolarWinds Orion software.
John Ullyot, a spokesman for the National Security Council, said the administration was “taking all necessary action to identify and resolve all issues related to this.”
Analysis by Joe Tidy, BBC web correspondent at Crosshead:
In the world of cyber security, it is hard to know just how much damage has been done by hackers.
The average person has very little information, and the victim doesn’t even know he or she was attacked in the first place.
So when Fireeye revealed last week that hackers were hacking into its systems to steal security tools, we were like the protagonists of a horror movie holding flashlights in dark basements, seeing little rather than everything.
The latest development is like turning on a light switch, and the whole scene of horror unfolds before your eyes.
The fireeye attack turned out to be just a small part of a much larger and more serious hack.
A supply-chain attack is when a hacker actually gets hold of all the users of SolarWinds.
Just looking at the company’s customer list is enough to break a cold sweat. Almost all of the Fortune 500’s largest companies are clients, as are the U.S. military and several federal agencies.
The U.S. government’s cybersecurity arm is now fully in crisis mode, but it’s often too late to spot cyber attacks.