In a shocking development, a major cybersecurity attack has targeted several branches of the US government. The attackers have managed to hack the federal computer systems through the server software offered by a company called SolarWinds.
FireEye, Solarwinds Hack: Cyberattack On US Government
The FBI was already investigating a similar cyber-espionage campaign that had affected the cybersecurity company called FireEye. As the system is used by thousands of organizations across the world, including several fortune 500 companies, it is considered a major security breach, and several confidential documents related to government agencies and common citizens are at the risk of compromise.
All the organizations that are affected or have become vulnerable due to the cyber attack will have to patch up their networks and ensure that critical data is not linked in any manner to the attackers. This was a strategic attack that used a unique combination of techniques that were not witnessed by cybersecurity firms in the past. The attackers planted Malware in several computer networks and managed to breach the Treasury and Commerce Department along with several other government agencies.
The commerce department asked the Department of Homeland security and the FBI to investigate the matter at the earliest. The Department of Homeland security is also analyzing a possible breach at their own agency, according to some reports. Experts say that the full extent of the damage is not yet known, and only a detailed investigation will reveal the intensity of the attack.
Experts are also not sure about the purpose behind the attack, and it appears that the attackers used a potential vulnerability related to the new updates for Orion, which is used as a network troubleshooting program. Some experts claim that there are indications that the attackers were looking for information on America’s ability to hack other Agencies and analyze its defense abilities. Experts working in the national security department say that the attackers might have used the tools of the cybersecurity companies for their own advantage.
National Security Council authorities said that they were working with the FBI to initiate a swift and effective investigation into the matter and prevent any sort of damage to the government agencies. As the federal Agencies store a lot of personal information about American citizens, this data is also at risk, but the motive of the attackers is still not clear in the early stages of Investigation.
As per the early indications, the attackers left several key security systems open to exploitation, and this means that they could have obtained root access to several systems of the agency. This is a scary situation as it could leave the most important systems compromised, and personal data along with critical information with regards to planning and operations could also be available to the attackers. The worst part is that critical information regarding foreign agents may also be compromised, and it is still not clear if the attackers have managed to get hold of this data. Experts said that it might take several months of Investigation to determine the safety of the existing systems.
According to experts, common users should also take precautionary measures and use complex passwords for digital accounts. Apart from that, it is also essential to use different passwords for financial accounts and select the two-factor authentication method for communication platforms, including email and social media. One of the best things common users can do in this situation is to avoid clicking on links that come from unauthorized sources as this may contain Malware or other harmful programs.
Some experts also said that it is a good idea to change the passwords that are currently used on government websites. In this way, you can protect your personal information to some extent, from external attacks. However, if the attackers manage to get hold of the core data of the government agencies, the common users do not have any option to protect their personal information.
Security experts say that they have to constantly monitor the systems and ensure that everything is in working order. However, it is an easy task for the criminals as they need to get it right only once so that they can accomplish their objective.
The government should focus on the attackers and immediately root out the infiltrators. If this is a coordinated attack, it can lead to long term damage and compromise the systems of several government agencies.