According to a stark alert released on Thursday by the Department of Homeland Security, a cyberattack suspected to be related to Russia appears to pose a significant danger to U.S. government networks and the private sector.
The bulletin, from DHS's Cybersecurity and Infrastructure Security Agency (CISA), gave the most striking assessment to date of a cascading threat to federal, state, and local networks.
The bulletin stated: “CISA has determined that this threat poses a grave risk to the federal government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”
Federal computer networks were infiltrated by the attackers via a common piece of server software sold by a company named SolarWinds.
The threats, involving major U.S. government branches, have put an untold number of Americans, organizations, and government secrets at risk of exposure.
Officials at the Energy Department and the National Nuclear Security Administration, which oversees the country’s nuclear weapons arsenal, are now evaluating the compromises.
“This actor has demonstrated patience, operational security, and complex tradecraft in these intrusions,” CISA said of the hackers, adding that the ongoing effort to eliminate the threat “will be highly complex and challenging.”
At this point, the investigation has found that the malware was isolated to business networks only and did not affect the Department’s mission-critical national security operations, including the National Nuclear Security Administration (NNSA).
“The investigation is ongoing and the response to this incident is happening in real time,” DOE spokesperson Shaylyn Hynes said.
When DOE detected vulnerable software, it took immediate action to minimize the danger, and all software identified as vulnerable to this attack was disconnected from the DOE network.
The attack appears to stem from the same cyber-espionage campaign that threatened cybersecurity company FireEye, international governments, and major corporations.
Hundreds of thousands of businesses worldwide are using the FireEye service, including several Fortune 500 corporations and many U.S. government agencies, who will now struggle to shore up their networks.