The hackers who hit SolarWinds violated the networks of the National Nuclear Safety Administration (NNSA) and the US Department of Energy (DOE).
America seems to be in a state of cyber warfare, as too many sensitive government services have been violated by the same team that hit SolarWinds.
An example is the NNSA, which is a semi-autonomous government agency responsible for maintaining and securing the US nuclear weapons stockpile. Established by the US Congress in 2000, it is also charged with dealing with nuclear and radiological emergencies. need within the United States and abroad.
US officials they told Politico that federal investigators have found data that the hackers who hit SolarWinds have access to the US DOE and NNSA networks.
The Federal Energy Regulatory Commission (FERC), the Safe Transport Bureau, the DOE Richland Field Office and the Sandia and Los Alamos National Laboratories were all reportedly hit.
According to DOE spokeswoman Shaylyn Hynes, the hackers focused their efforts primarily on FERC. The DOE also confirmed that the hacking group also breached the US nuclear weapons agency's networks. At this time and in order to ensure that the remaining critical organizations are safe, he is in regular contact with the Electricity, Oil and Gas (ONG) and Centers againstchangeand Information Analysis (ISAC)
Officially confirmed infringement of US government networks
This series of attacks led to the invasion of many US government networks, such as was officially confirmed by the FBI, CISA and ODNI.
Her list of goals governmentUS agencies that have been breached also include the US Treasury, US State Department, NTIA, NIH, DHS-CISA, and the US Department of Homeland Security.
The US government suspects that the group behind this pirate campaign is the Russian state group APT29 (also known as Cozy Bear), and had access to the networks of violated organizations for a long time, according to a CISA notice.
Danger to more violated government agencies
The backdoor used in these attacks, dubbed Solarigate or Sunburst, was distributed through SolarWinds' auto-update mechanism to the systems of some 18.000 customers.
Η SolarWinds customer list includes more than 425 U.S. companies, the top ten U.S. telecommunications companies, and several government agencies, including the U.S. military, the Pentagon, the U.S. Department of Justice, the State Department, NASA, NSA, Postal Service, NOAA and the Office of the President of the United States.
CISA, after a series of confirmed violations by US government agencies, has asked federal civil services to immediately disconnect the affected SolarWinds Orion products from their networks.