As previously announced by several U.S. news sources in mid-December 2020, hackers used an American company, SolarWinds and its business management software to infiltrate a large number of U.S. Government Agencies and Industries with the intent of placing malware capable of opening a back door. Hackers could then use this opening to penetrate Agency and industry information systems.
The Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Homeland Security (DHS) have provided the following links for industry to get information and assistance.
- Cybersecurity & Infrastructure Security Agency (CISA) public page: https://us-cert.cisa.gov/
- CISA SolarWinds Orion Alert AA20-352A: https://us-cert.cisa.gov/ncas/alerts/aa20-352a
- DHS guidance: https://cyber.dhs.gov/ed/21-01/
- CISA suspicious activity detection tool: https://github.com/cisagov/Sparrow
In addition, USTRANSCOM J6 and AQ have offered to discuss SolarWinds concerns that individual industry members may have. Please let VADM Andy Brown or Craig Hymes know if your Cyber Coordinator(s) would like to have this discussion and we can coordinate.