Skip to main content

SolarWinds flaw leads to cyberattacks on US government

cyber security
(Image credit: Image Credit: Sergey Nivens / Shutterstock)

Remember the high-profile FireEye intrusion we reported on last week? Well, it turns out whoever was behind the attack successfully targeted more than just the cybersecurity company.

Over the past weekend, the US Treasury Department, as well as the US Department of Commerce's National Telecommunications and Information Administration (NTIA), were both reportedly breached by the method. Some outlets have also claimed that other state agencies were affected as well.

"The campaign is widespread, affecting public and private organizations around the world," FireEye said. "The victims have included government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East. We anticipate there are additional victims in other countries and verticals."

The breach seems to be as severe as it was in the case of FireEye and led to a “rare meeting” of the US National Security Council at the White House on Saturday, ZDNet reports.

Detailing the breach in a blog post, FireEye says the attack was made possible by a compromised update from software provider SolarWinds. It was this company who was allegedly breached first, with malware being introduced into a patch for its Orion software, which was later downloaded and installed by all affected parties.

While FireEye has not ventured to guess who is behind the attack, others were quick to point the finger at Russian group APT29.