US Federal Agency Got Hacked Using SolarWinds Software Attack!

The Federal Bureau of Investigation (FBI) discovered that the National Finance Center, a United States Department of Agriculture federal payroll agency, was hacked through the SolarWinds backdoor attack.

The National Finance Center has provided human resources and payroll services to 170 federal agencies and about 650,000 federal employees since 1973.

What Exactly Happened?

The USDA confirms that the vulnerability was found in NFC’s system and that it is different from the one used by the Russian nation-state hackers when compromising the update mechanism of the Orion software and executing the Sunburst backdoor attack on SolarWinds customer systems.

Neither the FBI nor the USDA has provided any information about the data breach, such as what data was compromised or who is affected by it.

Moreover, the USDA provided a statement indicating that all customers whose data was compromised by this breach have been notified. After the investigation, the agencies say that the attackers behind these attacks are suspected to be part of a Chinese hacking group.

Several experts also believe that the hackers behind this campaign are based in China and that they use tools that were previously utilized in Chinese counterattacks.

How Is This Connected to Supernova?

After the investigation, the experts said that the attacker is from China but uses the same security bug that the Supernova backdoor used on systems where the updates have been compromised.

The vulnerability in the SolarWinds hack is yet to be resolved, and the investigation into the Sunburst and Supernova malware attacks is still ongoing.

Companies that haven’t updated their systems have used the scripts provided in the SolarWinds advisory to temporarily protect their systems against execution of the installed malware.

In Supernova, attackers execute a DLL file that helps establish a remote connection, which is used to send, execute, and compile various code on the victim’s network.

The United States government has also shared the list of targets affected by this attack.

  • U.S. Department of the Treasury
  • U.S. Department of State
  • U.S. National Telecommunications and Information Administration (NTIA)
  • U.S. Department of Energy (DOE)
  • The National Institutes of Health (NIH) (part of the U.S. Department of Health)
  • U.S. National Nuclear Security Administration (NNSA)
  • U.S. Department of Homeland Security (DHS)

Along with that, the Administrative Office of the United States also disclosed an ongoing investigation of the federal courts’ case management and electronic case files system.