Cyberattack on US federal agencies: How it came to light? When was security compromised?

In one of latest blows to US President Donald Trump’s ministration in its closing days, as many as 12 federal ncies are crippling with a massive cyberattack which is reportedly described as biggest breach in several years. Triggering speculation of Russian hackers’ involvement, US officials have reportedly said that hacks have been ongoing for several months allowing ones who breached websites to monitor as well as re US’ confidential emails. 

Among impacted ncies are US Treasury Department, US Department of Commerce, Department of Defense, State Department and National Institutes of Health with ir security being compromised. Recently, FBI called cyberattacks “a developing situation”. In a joint statement, FBI, CISA and ODNI said on December 16  that y are putting toger a unified response to breaches while understanding its effect on networks within ncies. 

How did cyberattack come to tice? When did it start?

attack reportedly came to tice of intelligence officers after being discovered by a cybersecurity company called FireEye. As per reports, it started back in March when nation along with entire world was rocked with rising infections of COVID-19. hackers mand to insert malware into software updates that were reportedly being sent to US government as well as its partners in private sectors through an IT company named Solar Winds. 

Solar Winds, whose clients range from US federal ncies and or associated companies, has said that it believes fewer than 18,000 systems have been compromised. Recently, in wake of cyberattacks,   Cybersecurity and Infrastructure Security ncy (CISA) on December 12 reportedly ordered federal ncies to stop using SolarWinds Orion IT products.

It h also said that cyberattackers h used a recent update to get access to internal communications. CISA Acting Director Brandon Wales h reportedly urged all ncy partners in both private and public sectors to “assess ir exposure to this compromise and to secure ir networks.”

Re - US Department Of Homeland Security Becomes Latest Target Of Cyberattack: Report

Re - Major rway Cruise Line Hurtigruten Hit By Cyberattack

Who is behind attacks?

Meanwhile, even SolarWinds h mitted this weekend that hackers h exploited a backdoor in update of its software that was released between March and June this year. US media outlet h linked hack that occurred over weekend to a group working for Russian foreign intelligence service. However, FBI has reportedly launched an investigation into group that is kwn as APT29 or ‘Cozy Bear’ among private sector cybersecurity firms. 

se hackers are reportedly believed to have targeted US State Department, Joint Chiefs of Staff and White House networks during ministration of former US President Barack Obama. same Russian group is also reportedly thought to have carried out break-in during 2016 US Presidential Election. 

Calling recent significant cyberattacks on US federal ncies “a developing situation”, FBI, CISA and ODNI jointly said on December 16 that y are putting toger a unified response to breaches while understanding its effect on networks within ncies. 

Re - FBI Says Significant Cyberattacks On US Federal ncies Still Underway, Plans Response

Re - Trump Quiet On Significant Cyberattacks On US Federal ncies Posing 'grave Risk': Report