Treasury and Commerce Departments Hit in Global Cyberespionage Campaign
The U.S. Treasury and Commerce Departments have been compromised in a supply-chain attack on SolarWinds, a security provider that helps the federal government and a range of Fortune 500 companies monitor their IT networks. The Homeland Security Department’s cybersecurity unit issued an emergency directive Sunday calling on all federal civilian agencies to scour their networks for compromises, The Associated Press reports.
“Treat all hosts monitored by the SolarWinds Orion monitoring software as compromised by threat actors and assume that further persistence mechanisms have been deployed,” the U.S. Cybersecurity and Infrastructure Security Agency advised. The government has not publicly identified who might be behind the hacking, but three of the people familiar with the investigation said Russia was believed to be responsible for the attack, Reuters reports.
The attacks also were linked to a recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts. Hackers broke into the National Telecommunications and Information Administration’s office software, which is Microsoft’s Office 365. Staff emails at the agency were monitored by the hackers for months, sources told Reuters.