SolarWinds Hack ‘Poses a Grave Risk to the Federal Government’

Patrick Lux/Getty
Patrick Lux/Getty

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that the recent hack of the Austin-based IT company SolarWinds was much worse than initially reported and “poses a grave risk to the federal government.” The National Nuclear Security Administration, which maintains America’s nuclear stockpile, has been targeted by the hack.

CNBC reports that the scale of the recent cyberattack against the Austin-based IT firm SolarWinds is beginning to be understood and could be much worse than previously thought. In a summary on Thursday, the CISA said that the threat “poses a grave risk to the federal government.”

The summary added that “state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations” are also at risk. CISA believes that the attack could have begun as early as March, since then multiple government agencies have been targeted by the hackers with the Energy and Commerce departments confirming that they were hacked.

CISA stated: “This threat actor has demonstrated sophistication and complex tradecraft in these intrusions. Removing the threat actor from compromised environments will be highly complex and challenging.”

It is further being reported that the Energy Department and its National Nuclear Security Administration, which maintains America’s nuclear stockpile, was targeted by the hackers. An investigation has found that the hack didn’t affect “mission-essential national security functions,” according to Shaylyn Hynes, a Department of Energy spokeswoman. Hynes added: “At this point, the investigation has found that the malware has been isolated to business networks only.”

On Wednesday, the FBI stated that it is “investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors.”

It is now being reported that Microsoft was hacked in connection with the SolarWinds attack. “We have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data,” a Microsoft spokesperson said in a statement. “Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others,” they added.

More than 40 client organizations were compromised in the attack, Microsoft stated. Microsoft President Brad Smith said in a blog post: “While roughly 80% of these customers are located in the United States, this work so far has also identified victims in seven additional countries. This includes Canada and Mexico in North America; Belgium, Spain and the United Kingdom in Europe; and Israel and the UAE in the Middle East. It’s certain that the number and location of victims will keep growing.”

Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address lucasnolan@protonmail.com

.

Please let us know if you're having issues with commenting.