SolarWinds hack that breached gov networks poses a “grave risk” to the nation

by
Dan Goodin
from Ars Technica - All content on (#5BSHQ)
red-alert-800x533.jpg

Enlarge (credit: Getty Images)

The supply chain attack used to breach federal agencies and at least one private company poses a grave risk" to the United States, in part because the attackers likely used means other than just the SolarWinds backdoor to penetrate networks of interest, federal officials said on Thursday. One of those networks belongs to the National Nuclear Security Administration, which is responsible for the Los Alamos and Sandia labs, according to a report from Politico.

This adversary has demonstrated an ability to exploit software supply chains and shown significant knowledge of Windows networks," officials with the Cybersecurity Infrastructure and Security Agency wrote in an alert. It is likely that the adversary has additional initial access vectors and tactics, techniques, and procedures (TTPs) that have not yet been discovered." CISA, as the agency is abbreviated, is an arm of the Department of Homeland Security.

Elsewhere, officials wrote: CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations."

Read 13 remaining paragraphs | Comments

index?i=kPz2cmrNpcI:2plo7TXy8po:V_sGLiPB index?i=kPz2cmrNpcI:2plo7TXy8po:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments