According to an article on the Verge, the Russian government hacker group, Cozy Bear, have reportedly breached US government agencies. The hackers compromised SolarWinds' Orion monitoring and management software. Nims & Associates has not recommended or deployed SolarWind's Orion monitoring and management software. We use other SolarWinds products and are closely monitoring the situation for information that might indicate if those products are also affected
The hacker group Cozy Bear, also known as APT29, has hacked the Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA), and other government agencies. They were able to trick NTIA's Microsoft Office software's authentication controls and monitor staff emails for months. Federal law enforcement agencies, including the FBI, are investigating the breach.
SolarWinds have released an additional statement -
" We have just been made aware our systems experienced a highly sophisticated, manual supply chain attack on SolarWinds® Orion® Platform software builds for versions 2019.4 through 2020.2.1. We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed incident, as opposed to a broad, system-wide attack.
At this time, we are not aware of an impact to our SolarWinds MSP products including RMM and N-central.
If you own a SolarWinds Orion product, we recommend you visitwww.solarwinds.com/securityadvisory for more detailed information. If you have any immediate questions, please contact Customer Support at 1-866-530-8040 This email address is being protected from spambots. You need JavaScript enabled to view it..
Security and trust in our software are the foundation of our commitment to our customers. Thank you for your continued patience and partnership as we continue to work through this issue."
For more information, find the original Verge article Here.