Federal officials are scrambling on Monday to alert the public about a huge and serious computer breach. The best news that experts can give is that they don’t think that any more than 18,000 computers were compromised. Of course, the media is rushing to put the blame on the Kremlin without a single shred of evidence.
Breach confirmed but not the victims
A spokesperson for the Commerce Department confirmed on Monday that a serious breach of national security has happened but won’t say which “bureau” it happened in. We do know that the hack attack was so serious they called an emergency meeting at the White House.
The liberal media is quick to point the finger, not just at Russia but at the same group of Russians that allegedly targeted Hillary Clinton. What they won’t tell you is that one of the companies which uses the compromised software is Dominion Voting Systems. The Department of Homeland Security is “providing technical assistance to help blunt potential compromises.”
“This is a much bigger story than one single agency,” one insider leaked. Nobody even knows how bad the breach really was. “This is a huge cyber espionage campaign targeting the U.S. government and its interests.”
According to the company’s website, SolarWinds customers “include most of America’s Fortune 500 companies, the top 10 U.S. telecommunications providers, all five branches of the U.S. military, the State Department, the National Security Agency, and the Office of President of the United States.”
Officials reportedly alerted “the FBI and a cybersecurity agency within the Department of Homeland Security.” Meanwhile, the White House National Security Council independently verified “it was looking into another potential intrusion at the Treasury Department.”
Apparently the breach involves “foreign government-backed hackers” who “accessed internal government emails.” They did that by “first breaking into SolarWinds, an Austin-based company that provides remote information technology services.”
So now we have a known breach of the Commerce Department. The breach was done silently through dll registry. The file was transmitting data FOR MONTHS.
Now here is the kicker…
Almost EVERY AGENCY uses SolarWinds.
Know who else uses SolarWinds?
— r1es (@midnightride21) December 14, 2020
A highly-sophisticated attack
SolarWinds admitted to the Securities and Exchange Commission that, “it had informed 33,000 customers that they may have been affected, and estimated that ‘fewer than 18,000’ could have potentially been compromised.” Cybersecurity company FireEye is almost certainly one of those affected by the breach and they have “extensive government contracts.”
Their CEO, Kevin Mandia, told the public last week that they had been hacked by “a nation with top-tier offensive capabilities.” One known thing which the hackers stole was “tools used by FireEye’s Red Team, the section tasked with defending against new cyberattacks.”
The Cybersecurity and Infrastructure Security Agency issued “a rare emergency directive Sunday night” to address the breach. They ordered all federal agencies “to immediately stop using” the affected SolarWinds products.
Kevin Thompson, president and CEO of SolarWinds, said, “we believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state. We are acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters. As such, we are limited as to what we can share at this time.”
It seems that whoever is behind the security breach has been, at the very least, “monitoring internal email traffic at the U.S. Treasury and Commerce departments.” The way the operation worked, “cyber spies are believed to have gotten in by surreptitiously tampering with updates released by IT company SolarWinds.”
This form of attack, called a “supply chain attack,” is well known to government-level hackers. It “works by hiding malicious code in the body of legitimate software updates provided to targets by third parties.” SolarWinds updates were infected between March and June of this year.
No matter what the media says, the Kremlin swears up and down they had nothing to do with the breach of SolarWinds. The U.S. Government “has not publicly identified who might be behind the hacking,” but the Russian Embassy is furious over the “groundless attempts by the American media to accuse Russia of hacking attacks on U.S. government bodies.”
Russia says they don’t bother with games like that. “Attacks in the information space do not correspond to the foreign policy principles of our country, its national interests and understanding of how relations between states are built,” and, besides that, Russia does not conduct “offensive operations in the virtual environment.”