15 December 2020

Reds under the beds? Actually the Ruskies are a lot more widespread than that...

Concern is gathering over the effects of the backdoor inserted into SolarWinds' network monitoring software on Britain's public sector – as tight-lipped government departments refuse to say whether UK institutions were accessed by Russian spies.

As reported in the small hours of this morning by The Register, it appears the downloads page for SolarWinds' Orion Windows monitoring platform was altered by Kremlin hackers – known as APT29, aka Cozy Bear – so that victims fetched and installed a tampered-with version that included a remote-control backdoor.

This malicious code was detailed by FireEye, which itself said it was earlier hacked by state-level miscreants. Said victims of the Orion job are said to include the Treasury and the Dept of Commerce at the US government. It now looks like the Department of Homeland Security has also been breached! It's not clear at this stage whether FireEye was also hacked via a dodgy Orion install.

Research by The Register has shown that SolarWinds' Orion is used widely across the British public sector, ranging from the Home Office and Ministry of Defence through NHS hospitals and trusts, right down to local city councils.

WASHINGTON (AP) — Top national security agencies confirmed Tuesday (5 Jan 2021) that Russia was likely responsible for a massive hack of U.S. government departments and corporations, rejecting President Donald Trump’s claim that China might be to blame.

www.theregister.com

