Sign In

Communications of the ACM

ACM News

Scope of Russian Hack Becomes Clear: Multiple U.S. Agencies Were Hit


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Nearly all Fortune 500 companies use SolarWinds products to monitor their networks. So does Los Alamos National Laboratory, where nuclear weapons are designed, and major defense contractors like Boeing.

About 18,000 private and government users downloaded a tainted software update that gave Russian hackers a foothold into victims systems, according to the company whose software was compromised.

Credit: Brendan Mcdermid/Reuters

The scope of a hack engineered by one of Russia's premier intelligence agencies became clearer on Monday, when some Trump administration officials acknowledged that other federal agencies — the State Department, the Department of Homeland Security and parts of the Pentagon — had been compromised. Investigators were struggling to determine the extent to which the military, intelligence community and nuclear laboratories were affected by the highly sophisticated attack.

U.S. officials did not detect the attack until recent weeks, and then only when a private cybersecurity firm, FireEye, alerted American intelligence that the hackers had evaded layers of defenses.

It was evident that the Treasury and Commerce Departments, the first agencies reported to be breached, were only part of a far larger operation whose sophistication stunned even experts who have been following a quarter-century of Russian hacks on the Pentagon and American civilian agencies.

About 18,000 private and government users downloaded a Russian tainted software update — a Trojan horse of sorts — that gave its hackers a foothold into victims' systems, according to SolarWinds, the company whose software was compromised.

 

From The New York Times
View Full Article

 


 

No entries found