The email systems of several government agencies, including the U.S. Departments of Treasury and Commerce, were breached and monitored by foreign actors most likely connected to the Russian government, the Trump administration acknowledged on December 13, 2020.
“Highly sophisticated” threat actors were apparently able to compromise authentication protocols used by Microsoft’s Office suite of applications, including Word, Outlook, and Excel, according to the Washington Post.
The same report pointed to SolarWinds, a network management system and company based in Austin, Texas, as the entry point for the hacks. The company’s customers include all five branches of the U.S. military, the Pentagon, the State Department, NASA, the NSA, the Department of Justice, and the top five accounting firms in the U.S., according to its website.
“We are aware of a potential vulnerability which if present is currently believed to be related to updates… to our Orion monitoring products,” said a statement issued December 13, 2020 by SolarWinds President and CEO Kevin Thompson.
“We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state… We are acting in close coordination with FireEye,” the statement continued.
FireEye, a global leader in cybersecurity research and defense, announced that it had been breached earlier last week.
Reports from the Washington Post and the New York Times both suggest that these attacks originated from APT29, or “Cozy Bear,” the same group responsible for hacks of the State Department and the Executive Branch during the Obama administration.
"While we don’t know the full depth and breadth of this digital supply chain attack, it illustrates a dire cybersecurity truth: We are only ever as cybersecure as our vendors. We’re all in this together, and this hack underscores the delicate nature of our interconnected cyber networks," said Cyberscout founder and chairman Adam Levin. "Doubtless there will be more revelations to come."