The nature breadth of supply chain vulnerability is illustrated in this map, which shows the UK is the second worst affected in terms of Microsoft clients which installed versions of SolarWinds’ Orion software containing the attackers’ malware
Credit: Microsoft
Jeremy Fleming, the head of intelligence agency GCHQ, said in an interview on Monday that the organisation had not yet found evidence that any UK Government departments had been breached.
But security services were on Friday looking into new leads which had emerged from US investigations this week, a security source said, leading to fresh concerns that Russian hackers had gained access to sensitive UK systems.
British investigators are likely to spend the Christmas period checking through server logs of Government IT systems in a search for evidence that computers controlled by the Russian hackers accessed information.
“It’s certain that the number and location of victims will keep growing,” Microsoft’s Mr Smith wrote.
Microsoft was itself a victim of the Russian hacking campaign, Reuters reported last night. One of the people familiar with the hacking spree said the hackers made use of Microsoft cloud offerings while avoiding Microsoft’s corporate infrastructure.
On Thursday, it was also reported that the US Energy Department and its National Nuclear Security Administration, the agency that maintains the US nuclear stockpile, were breached as part of the hack.
As many as 18,000 Orion customers downloaded the updates that contained a back door, SolarWinds has said. Since the campaign was discovered, software companies have cut off communication from those back doors to the computers maintained by the hackers.
The unanswered questions from the Sunburst hack
But the attackers might have installed additional ways of maintaining access, the US Cybersecurity and Infrastructure Security Agency said, in what some have called the biggest hack in a decade.
So far, the hackers are known to have at least monitored email or other data within the US departments of Defense, State, Treasury, Homeland Security and Commerce.
Ciaran Martin, the former head of the UK’s National Cyber Security Centre, noted that while US nuclear authorities had been affected, it did not mean classified systems were at risk.
He said on Twitter: “[Russia] got into the admin networks of the [organisations] managing US nuclear weapons. That’s [very] bad. But it’s not the same as hacking the classified systems that control the weapons, which hasn’t happened.”
The emergence of the growing number of hacked US government departments has led to angry reactions from American politicians.
“There will be a price to pay for this,” Senate Minority Whip Dick Durbin said in a speech on Thursday. “This is nothing short of a virtual invasion by the Russians into critical accounts of the federal government.”
“When adversaries such as Russia torment us, tempt us, breach the security of our nation, we need to respond in kind,” Durbin continued, although he noted that he was not calling for “all-out war”.
The Russian Ministry of Foreign Affairs has denied carrying out the hack and described the allegations as another unfounded attempt by the US media to blame Russia for cyberattacks on US agencies.
Dmitry Peskov, a Kremlin spokesman, said: "Once again, I can reject these accusations and once again I want to remind you that it was President [Vladimir] Putin who proposed that the American side agree and conclude agreements [with Russia] on cyber security.”
Свежие комментарии