CATEGORIES
home News

US Treasury And Commerce Departments Allegedly Infiltrated By Russia-Backed Hacker Group

by Nathan OrdMonday, December 14, 2020, 12:55 PM EDT
hero hacker
Over the weekend, it was announced that a nation-state actor had breached SolarWinds’ Orion service as early as Spring of this year. The Orion platform is an all-in-one solution for IT administration and monitoring, among other utilities. It is used by companies and governments worldwide, and it appears that the U.S government was a target of interest in the attack. According to sources familiar with the situation, the nation-state actors have been monitoring email at the U.S Treasury and Commerce departments, but they may not be the only agency to be breached.

The SolarWinds Orion attack is being dubbed as “Sunburst” by security researchers at FireEye, a cybersecurity firm. They report that “Sunburst” works by a backdoor that was injected into Orion in a dynamic linked library (DLL) file called “SolarWinds.Orion.Core.BusinessLayer.dll.” After up to two weeks of being dormant, the backdoor would communicate over the HTTP protocol to external servers. The malicious traffic would disguise itself as legitimate SolarWinds communications while having the capability to “transfer files, execute files, profile the system, reboot the machine, and disable system services.” Basically, the malware could do whatever it wanted once it was on a network.
solarwinds orion platform
SolarWinds Orion Platform Tie-Ins

Evidently, the U.S Treasury and Commerce departments were using the SolarWinds Orion platform for their large IT needs. It seems that backdoor then allowed the malicious people, thought to be working for Russia, to monitor these departments' emails. It is unknown, however, how many other agencies and organizations were affected by the breach. SolarWinds’ website reports that following groups use the Orion platform among others:
  • U.S Army
  • U.S Air Force
  • U.S Navy
  • U.S Marine Corps
  • IC (Intelligence Community)
  • Other DoD agencies
  • U.S Census Bureau
  • U.S Dept. Of Justice
  • Oak Ridge Natl. Lab
  • Sandia Natl. Lab
  • U.S Dept. of Treasure
  • U.S Dept. of Veterans Affairs 
We will have to see how many of those groups were affected in the coming days. According to Reuters, a source reported that the “hack is so serious it led to a National Security Council meeting at the White House on Saturday.” As of now, there is not much detail out, so stay tuned to HotHardware as we get updates on this developing national situation.
Tags:  security, breach, cybersecurity, us-government
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment