Russian hackers infiltrated the U.S. Treasury Department
It seems hackers used a “supply chain attack” to gain access.
While the US is dealing with COVID-19 and a president who refuses to admit defeat, a new report from Reuters over the weekend points to a breach by government-backed Russian hackers.
The breach targeted “internal email traffic at the U.S. Treasury and Commerce departments,” according to people that Reuters spoke to. Additionally, these sources believe this “may be the tip of the iceberg.”
The White House hosted a National Security Council meeting, according to these same sources. Reuters notes that “National Security Council spokesman John Ullyot added that they ‘are taking all necessary steps to identify and remedy any possible issues related to this situation.'”
There has been no official US government confirmation that Russia is behind the attacks, but the sources note that Russia is currently being investigated and is believed to be behind the attacks. A follow-up Washington Post report, however, seems to confirm that the hack is Russian-backed.
So, how did the breach occur? It is believed to have come through SolarWinds, an IT company that serves many Fortune 500 companies, as well as multiple branches of the US government. SolarWinds is thought to have been compromised, with a “supply chain attack” used to reach its customers.
Basically, this means that when SolarWinds pushed an update, that update had been compromised: malicious code was injected into it, and it was then allowed to go out as normal, reaching government computers. From the various reports, it looks like Microsoft 365 was the target and that the hackers were able to monitor emails from the U.S. Treasury and Commerce departments.
It should also be noted here that it was just last month that Donald Trump fired Chris Krebs, the director of the Cybersecurity and Infrastructure Security Agency, after Krebs spoke out against claims of election fraud, noting that this was the most secure election in American history.
Who knows, maybe if Krebs and his team weren’t tied up with finding non-existent election fraud, this could have been identified earlier.