The US has issued an emergency order after revealing that its treasury and commerce departments had been hacked.
Washington Technology Solutions, the state agency known as WaTech, is responding to the warning by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), according to the office of Gov. Jay Inslee.
US government agencies were ordered to scour their networks for malware and disconnect potentially compromised servers after authorities learned that the Treasury and Commerce departments were hacked in a monthslong global cyberespionage campaign, which was discovered when a prominent cybersecurity firm learned it had been breached.
National Security Council spokesman John Ullyot said in a statement that the government was "taking all necessary steps to identify and remedy any possible issues related to this situation".
Although SolarWinds has not yet directly commented on the breaches, the IT company has said it is "acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters".
APT29 is a hacking group that has separately been linked to one or more Russian intelligence agencies, specifically the Foreign Intelligence Service (SVR) and Federal Security Service (FSB). Neither the company nor the US government publicly identified Russian state-backed hackers as responsible.
According to Reuters, the elaborate cyber hack was launched on the Treasury Department as well as the Commerce Department's National Telecommunications and Information Administration, or NTIA, a US agency that is tasked with crafting internet and telecommunications policy.
Russia's embassy in the United States hit back later Sunday against what it said were the "unfounded" media claims, denying any role in the alleged attacks. Moreover, the attackers targeted and accessed FireEye's "Red Team" assessment tools - diagnostic tools the company uses to simulate hacking attempts on the company's clients to identify any security vulnerabilities.
"There will unfortunately be more victims that have to come forward in the coming weeks and months", said Charles Carmakal, senior vice president and chief technical officer at Mandiant, FireEye's incident response arm.
The malware gave the hackers remote access to the compromised computer networks for months.
"This is a huge cyber espionage campaign targeting the USA government and its interests". Neither the US government nor the affected companies have publicly said which nation state they think is responsible. The DHS, FireEye, Volexity and Microsoft have provided additional advice and IoCs.
The so-called supply-chain method used to distribute the malware via SolarWinds' software recalled the technique Russian military hackers used in 2016 to infect companies that do business in Ukraine with the hard drive-wiping NotPetya virus - the most damaging cyberattack to date.
Britain is not aware of any impact from the hacking of US departments believed by U.S. sources to have been carried out by the Russian Federation, a spokesman for Prime Minister Boris Johnson said on Monday, as reported by Reuters.
"We believe that this vulnerability is the result of a highly sophisticated, targeted and manual supply chain attack by a nation state", SolarWinds CEO Kevin Thompson said in a statement.
Technology company SolarWinds, which was the key stepping stone used by the hackers, said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy unnoticed on businesses and agencies for nearly nine months.