Russians hack into software vendor to gain access to US agencies

Russian hackers working for the Kremlin are said to have gained access to top U.S. federal agencies, including the Treasury, Commerce and Homeland Security departments, as well as Fortune 500 companies by breaking into SolarWinds, a provider of network management software to large public and private organizations.

“As we learned in the NotPetya attacks, software supply chain attacks of this nature can have devastating and wide-ranging effects — whether it’s via niche Ukrainian tax software or, as here, network management tools relied upon by some of the world’s largest companies,” Mark Warner, D-Va., the top Democrat on the Senate Intelligence Committee, said in a statement.

Warner was referring to the 2017 attack on Ukraine’s M.E. Doc software, the equivalent of TurboTax or Quicken in the United States, which was hijacked by Russian military hackers who injected a malware called NotPetya into the software. The malware spread on its own from computer to computer and leaped across countries, taking down giant corporations such as the shipping company Maersk. 

On its now deleted customer list page, SolarWinds said its clients included 425 of the Fortune 500 companies, including Microsoft, Lockheed Martin and Ford Motor Co., as well as all “five branches of the U.S. military,” the Pentagon, Justice Department, State Department, and the “Office of the President of the United States.” 

The company also mentioned the Centers for Disease Control and Prevention, the U.S. Air Force and the Federal Reserve among its customers. The company took down its customer page from its website after news of the attack, but a copy was stored on the Internet Archive.

Source Article