SolarWinds Orion hack: Pentagon, White House and US army impacted | World News - Hindustan Times
close_game
close_game

SolarWinds Orion hack: Pentagon, White House and US army impacted

Hindustan Times, New Delhi | Byhindustantimes.com| Edited by Mallika Soni
Dec 15, 2020 05:26 PM IST

According to Reuters, which broke the news on Sunday, hackers believed to be working for Russia have been monitoring internal email traffic at the US treasury and commerce departments.

Communications at the US treasury and commerce departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks.

SolarWinds, publicly-listed in Austin, is a Texas-based company with a value of over $6 billion. According to the company, it has over 300,000 customers.(Reuters)
SolarWinds, publicly-listed in Austin, is a Texas-based company with a value of over $6 billion. According to the company, it has over 300,000 customers.(Reuters)

According to Reuters, which broke the news on Sunday, hackers believed to be working for Russia have been monitoring internal email traffic at the US treasury and commerce departments. Reuters reported that the hackers managed to hide malicious code in a software update for a tool called Orion, which is typically used to make IT simpler with a single panel for administering various parts of a network.

Hindustan Times - your fastest source for breaking news! Read now.

Earlier this year, hackers believed to be sponsored by the Russian government managed to inject malware into Orion updates released between March 2020 and June 2020 which provided them with a strong foothold for future hacking.

SolarWinds, publicly-listed in Austin, is a Texas-based company with a value of over $6 billion. According to the company, it has over 300,000 customers including more than 425 of the US Fortune 500 all ten of the top 10 US telecommunications companies, all five branches of the US military, all five of the top five US accounting firms, the Pentagon, the State Department, the National Security Agency, the department of justice and the White House.

The Pentagon is the biggest customer, with the army and the navy being big users. The department of veterans affairs, which is heavily involved in the US response to Covid-19, is another Orion customer and the biggest spender on the tool in recent years. The National Institutes of Health, DHS and the FBI are also amongst the many branches of the US government that have previously bought the tool.

The immediate impact of the revelations is expected to be purely operational as Certified Information Systems Auditor (CISA) has recommended government civilian agencies to stop using SolarWinds Orion. “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks. Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation,” CISA’s acting director Brandon Wales said.

This is the fifth emergency directive issued by CISA under the authorities granted by Congress in the cybersecurity act of 2015.

Unlock a world of Benefits with HT! From insightful newsletters to real-time news alerts and a personalized news feed – it's all here, just a click away! - Login Now! Get Latest World News along with Latest News from India at Hindustan Times.
SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Thursday, February 22, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On