At least three states were hacked and the U.S. nuclear weapons agency was infiltrated in the alleged Russian cyberattack, one of the most significant cybersecurity breaches in recent memory, which affected many federal government entities. Microsoft said its devices were also exposed in the course of the attack.
Hackers with links to the Russian government are believed to be responsible for a well-orchestrated attack that used vulnerabilities in the U.S. supply chain to infiltrate many federal agencies, including the Homeland Security, Treasury, Commerce, and State departments. While several specifics are still unknown, the hackers gained access to networks by installing malicious code in a commonly used SolarWinds Corp. software program whose users, according to the company and cybersecurity experts, include government agencies and Fortune 500 businesses.
According to authorities, the hackers inflicted more harm on FERC than on other agencies. The DoE brings to six the number of federal agencies affected by this issue, alongside the Pentagon, the Department of Homeland Security, the Department of the Treasury, the National Institutes of Health, and the Department of Commerce.
The established attack vector for the incident is SolarWinds' Orion network security platform, whose users were compromised by a stealth backdoor that paved the way for lateral movement to other areas of the network. The backdoor was sent out via malicious product notifications to almost 18,000 organizations across the globe.
CISA, whose top official was Christopher Krebs, was verbally berated in the United States in 2020. Sources have reported that the presidential elections are secure, and said that FERC is exhausted and has no resources to react properly.
As for the attackers, the exact scope of the attack is unclear. Researchers and policymakers alike have said the infiltration is possibly the work of Russian intelligence, citing the highly sophisticated character of the operation, although the United States has not provided official attribution.