SolarWinds, an American company that develops software to help businesses manage their networks and computer systems, has been the victim of hacking for months. And according to the Cybersecurity and Infrastructure Security Agency or CISA, it is still “being exploited by malicious actors.”
CISA issued an emergency directive on Dec. 13, instructing all federal agencies to check their networks for signs of compromise and to disconnect SolarWinds products immediately.
SolarWinds is used by several departments of the U.S government, two of which have reportedly been compromised.
It’s reported that hackers gained access to the U.S. Commerce Department and the Treasury Department through the software.
According to FireEye, a cybersecurity firm, the hackers gained access by inserting malware into software updates for the SolarWinds Orion software. FireEye first raised the alarm about the hacking on Dec. 8.
And another company that uses the compromised software has been the subject of concern. According to a Dominion Voting Systems web page, Dominion uses SolarWinds software.
Dominion has not yet issued a statement on whether it has been affected by the hacking or not.
But some people are raising concerns about what this means for the security of the election while questioning how former director of CISA Chris Krebs could issue a statement claiming “the November 3rd election was the most secure in American history,” given that hacking was taking place.
Tracy Beanz, Editor-in-Chief of Uncover DC media, shared screenshots of CISA’s statement and the news of the hacking. She questioned: “Hey Chris Krebs, care to answer how U.S. government systems were penetrated here but somehow this election was the most secure in history? Did you know about this in advance? Is Dominion a customer?”
General Micheal Flynn re-tweeted Beanz, and called the hacking “a grave national security threat.” He said, “this means the US SolarWinds product is 100 percent compromised across the USG. Likely China with back doors to every department, agency, and activity in the USG.”
Flynn also urged President Donald Trump to demand answers immediately.
CISA asked all agencies operating SolarWinds products to provide them a security report by 12 p.m. Eastern Time on Dec. 14. This means we should know if any other companies or agencies have been compromised in the upcoming days.
From NTD News