Russian hackers hit US government using widespread supply chain attack

by
Dan Goodin
from Ars Technica - All content on (#5BM2H)
computer-keyboard-800x534.jpg

Enlarge (credit: Getty Images)

Russian hackers have breached networks belonging to the US government and private organizations worldwide in a widespread espionage campaign that uses the global software supply chain to infect targets.

The US Treasury and Commerce departments are among the US government agencies hit in an operation that multiple news outlets, citing people familiar with the matter, said was led by Cozy Bear, a hacking group believed to be part of the Russian Federal Security Service or FSB. Word of attacks arrived on Sunday, five days after FireEye, the $3.5 billion security company, said on Tuesday it had been hacked by a nation-state.

On Sunday night, FireEye said the attackers were infecting targets using Orion, a widely used business software app from SolarWinds. After taking control of the Orion update mechanism, the attackers were using it to install a backdoor that FireEye researchers are calling Sunburst.

Read 5 remaining paragraphs | Comments

index?i=Cy36ByoRFk0:0bXd1QdGtLE:V_sGLiPB index?i=Cy36ByoRFk0:0bXd1QdGtLE:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments