SolarWinds hack: US Treasury’s unclassified systems breached as Washington points finger at Russia and China

0
SolarWinds hack: US Treasury’s unclassified systems breached as Washington points finger at Russia and China

A huge cyber-attack on a software company providing support to several US federal government agencies has breached the unclassified systems of the Treasury, its head Steven Mnuchin has said.

“At this point we do not see any break-in to our classified systems. Our unclassified systems have been accessed,” he said during an interview with CNBC on Monday, adding: “I assure you we are completely on top of this.”

Reports surfaced last week that the SolarWinds Orion platform, a network monitoring tool, had been hacked, an attack blamed on Russia by US Secretary of State Mike Pompeo, while President Trump accused China.

The software provides support to other agencies including the Department of State, NASA and the Pentagon, as well as hundreds of US companies, including Cisco and Microsoft.

It is believed that the hack on Texas-based SolarWinds, affecting some 18,000 of its 300,000 customers, was carried out between March and June, but was only discovered last week, meaning intruders were potentially monitoring systems for nine months.

Hackers reportedly gained access to internal emails through Microsoft’s Office 365 cloud-based service after users downloaded an update to the Orion software that contained malicious code. 

A full list of victims and the extent of the data accessed is unknown, while there are conflicting reports about what data, if any, has been stolen.

On Monday Kremlin spokesman Dmitry Peskov denied the allegations, including from the Washington Post, that Russia was behind the hack, explaining that the country is not involved “in such attacks generally.”

“Any accusations of Russia’s involvement are absolutely unfounded and are a continuation of the kind of blind Russophobia that is resorted to following any incident,” he said.

Of the companies affected by the hack, around 50 have been “genuinely impacted,” according to cyber-security firm Fire Eye, which is itself a victim and was the first to report the incident on December 13. 

A small number of UK-based private organizations, including consultancy firm Deloitte, are also reported to have been hit and the country’s National Cyber Security Centre is now investigating.

Like this story? Share it with a friend!

Comments are closed.