Russian hackers are the alleged top suspects behind the massive hack, which was initially discovered in email trails from the US Treasury and the Commerce Department's NTIA. It was recently discovered that three more US agencies, including the US State Department, the Department of Homeland Security (DHS), and the Department of Defense, were also part of the SolarWinds breach.
The country is investigating the matter, including the public and private businesses that are clients of SolarWinds' cybersecurity services and have been hit with one of the nastiest hacks to cap off this year. The recent breach of the country's agencies is considered one of the most significant hacks against the US in several years.
Over the weekend, several confidential emails at the US Treasury and Commerce's National Telecommunications and Information Administration (NTIA) were discovered to have been subject to the hack. Additionally, Russia's APT29, codenamed "Cozy Bear," was identified as the main perpetrator of the hack that breached the agencies.
Further investigation found three more agencies within the US government to be subject to the attack, two of them known mainly as security agencies of America. According to Fox News, some elements of the DoD, the Department of Homeland Security (DHS), and the US State Department were all part of the attack, alongside Treasury and Commerce.
The Russians' sophisticated attack has swept the country off its feet, coming as a surprise that no one expected. The hacking campaign was also ingeniously plotted, with an extensive plan to take over and gather sensitive information from the five US agencies that fell victim.
SolarWinds Hack 2020 Details: 18,000 Customers Led to 'Piggybacking' Russian Hackers
SolarWinds' software was the entry point that let the Russian hackers and "Cozy Bear" access the country's confidential files through the cybersecurity landscape. A total of 18,000 customers unknowingly "piggybacked" the Russian hackers after downloading the flawed software, which led to the breach.
SolarWinds' customers had no way of knowing this, as the Russian hackers hid well in the landscape before making their actual move against the five US agencies, which was initially discovered within the US Treasury. SolarWinds said in a security advisory that the cyberattack was integrated into its Orion Platform software.
Speculation holds that the Russian hackers were intelligence agents, primarily from the "SVG," which is also considered the modern-day "KGB," the secret police of earlier years. SolarWinds has not yet determined the identity or origin of the hack that compromised its networks.
The cybersecurity company has now advised its Orion Platform users to upgrade to "2020.2.1 HF1," which is SolarWinds' fix for the recent cyberattack and addresses the security issues. The company is known to serve Fortune 500 companies and Boeing, a significant arms manufacturer for the US military.
The Russian government has denied any involvement in the recent attack, saying that it took no part in the hacking, despite the source being the well-known Russian APT29, called "Cozy Bear."
This article is owned by Tech Times
Written by Isaiah Alonzo