Cyberattack targets U.S. federal agencies

Hackers monitored the networks of the Treasury and Commerce departments undetected for months. In a Sunday emergency directive, the Department of Homeland Security asked all federal agencies to search their networks for compromises and told those affected to disconnect all machines using the targeted SolarWinds server software. The report comes less than a week after prominent cybersecurity firm FireEye reported hackers stole its key assessment tools.

How did they gain access? The hackers added malware to SolarWinds software update in the spring, giving them access to users’ network traffic management systems. FireEye in a Sunday update said the attacks against its systems also came through SolarWinds Orion network. The company blamed “state-sponsored threat actors” but did not identify the culprit. Russia’s U.S. Embassy on Sunday said the attempts to blame Russia for the attacks are “unfounded.”

Dig deeper: From the WORLD archive, read Kent Covington’s report in the Sift on a court settlement after hackers targeted Equifax.