The US has issued an emergency warning after discovering that “nation-state” hackers hijacked software used by almost all Fortune 500 companies and multiple federal agencies to gain entry to secure IT systems. Hundreds of thousands of organizations around the world use SolarWinds’ Orion platform. The US department of Homeland Security’s cyber security arm ordered all federal agencies to disconnect from the platform, which is used by IT departments to monitor and manage their networks and systems.
FireEye, a leading cyber security company that said it had fallen victim to the hacking campaign last week, said it had already found “numerous” other victims including government, consulting, technology, telecom, and extractive entities in North America, Europe, Asia, and the Middle East.In the US, the National Security Council (NSC) said on Monday it was working to coordinate a swift and effective whole-of-government recovery and response to the recent compromise.
Over the weekend, the US commerce department confirmed it had a “breach in one of our bureaus” and said it had asked the Cybersecurity and Infrastructure Security Agency (Cisa) and the FBI to investigate. CISA said it was “providing technical assistance to affected entities” while the FBI said it was “appropriately engaged”.