FBI Probing Solarwinds Hack (REPORT)

(TheFreedomFlag.com)- Texas-based software company SolarWinds, which is at the center of cyberattacks on U.S. federal agencies, hasn’t yet confirmed whether other government agencies used their program.

The company, which is based out of Austin, said it wasn’t able to comment on the situation, as the Federal Bureau of Investigation is looking into the hacking, which is thought to be the product of Russian hackers.

Among SolarWinds’ customers are the Pentagon, White House, National Security Agency and State Department. It also lists “more than 425 of the U.S. Fortune 500” as customers, along with leading telecommunications companies, and the U.S. Commerce and Treasury departments.

This week, White House officials confirmed that hackers were able to gain access to those two latter departments. One of the things they did was monitor internal emails.

According to a Reuters report, which cited four anonymous sources who have been briefed on the situation, the extensive client list of SolarWinds means the cyberattack would prove to be a much larger breach than we now know.

One source said:

“This is a much bigger story than one single agency. This is a huge cyber espionage campaign targeting the U.S. government and its interests.”

Newsweek reached out to SolarWinds for more clarity into which government agencies all use the same SolarWinds software. A spokesperson for the company wouldn’t say which services are supplied to the Pentagon and all five branches, the NSA and the Executive Office of the President. That person also wouldn’t give more details since the FBI investigation is in its early stages.

The spokesperson did, however, send Newsweek a statement from Kevin Thompson, the president and CEO of SolarWinds. It reads:

“Security and trust in our software are the foundation of our commitment to our customers. We strive to implement and maintain appropriate administrative, physical and technical safeguards, security processes, procedures and standards designed to protect our customers.

“We are aware of a potential vulnerability which if present is currently believed to be related to upgrades which were released between March and June 2020 to our Orion monitoring products.

“We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state.

“We are acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community and other law enforcement to investigate these matters. As such, we are limited as to what we can share at this time.”

The thought is that the hackers accessed accounts by tampering with software updates that came from SolarWinds. Malicious code is concealed within actual legitimate software updates, which then allows them to use the cover to gain access to the programs.

On Monday, SolarWinds detailed the breach in a filing with the Securities and Exchange Commission.

The company said it “has taken steps to remediate the compromise of the Orion software build system and is investigating what additional steps if any, should be taken.”

Thus far, the U.S. government hasn’t officially named who they believe are behind the cyberattack. Reuters, though, cited anonymous sources who said it was likely an operation directed by Russia.