18:29 GMT23 January 2021
Listen Live
    News
    Get short URL
    by
    736
    Subscribe

    US government agencies have been ordered to look for malware and disconnect potentially compromised servers after authorities learnt that the Treasury and Commerce departments had been hacked in an extensive global cyber-espionage campaign.

    Britain is not aware of any impact from the hacking of US departments believed by US sources to have been carried out by Russia, a spokesman for Prime Minister Boris Johnson said on Monday, as reported by Reuters.

    "Investigations are ongoing. The National Cyber Security Centre is working to assess any UK impact, but we're not aware of any UK-related impact at this time," the spokesman told reporters. 

    In an emergency directive on Sunday, the US Department of Homeland Security's cybersecurity arm warned of an "unacceptable risk" to the executive branch from a feared large-scale penetration of US government agencies that could date back to mid-year or earlier.

    The US Commerce Department confirmed on Sunday that it had been a victim of a data breach.

    This also came ahead of Google losing all services across its network on 14 December. 

    “This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch, the former chief technical officer of the cybersecurity firm CrowdStrike.

    The hacked cybersecurity company, FireEye, would not say whom it suspected and noted that foreign governments and major corporations were also compromised.

    News of the hacks, first reported by Reuters, came less than a week after FireEye disclosed that nation-state hackers had broken into its network and stolen the company’s own hacking tools.

    The apparent conduit for the hacks is a piece of server software called SolarWinds. It is used by hundreds of thousands of organisations globally,  said Alperovitch who praised the 'tradecraft' of the hack.

    FireEye said in a blog post that its investigation into the hack of its own network had identified “a global campaign” targeting governments and the private sector that, beginning in the spring, had slipped malware into a SolarWinds software update. Neither the company nor the US government publicly identified Russian state-backed hackers as responsible.

    On its website, SolarWinds says it has 300,000 customers worldwide, including all five branches of the US military, the Pentagon, the State Department, NASA, the National Security Agency, the Department of Justice and the White House. The company has asked its customers to immediately upgrade their systems in response to the hack.

    Tags:
    cyber war, US Treasury, Department of Homeland Security, UK National Cyber Security Center
    Community standardsDiscussion