Update: The Dominion representative said they don’t use the SolarWinds Orion software that was hacked.
However, they use SolarWinds Serv U file server. If foreign actors can hack Solar Winds, they can hack Dominion.
~~~
Hackers broke into the networks of the Treasury and Commerce departments as part of a global cyberespionage campaign. According to the global cybersecurity firm FireEye, they accessed those networks by slipping malware into a SolarWinds software update, which was also compromised, KXAN reported.
Dominion Voting Systems uses SolarWinds Serv U software.
BACKGROUND
The company admitted that the first phases of this months-long cyberespionage campaign started in the spring. The malware gave the hackers remote access to victims’ networks.
The FBI and the Department of Homeland Security’s cybersecurity arm are investigating what experts and former officials said appeared to be a large-scale penetration of U.S. government agencies. Industry experts said it bore the hallmarks of Russian tradecraft.
“This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch.
The hacks were revealed less than a week after FireEye disclosed that foreign government hackers had broken into its network and stolen the company’s own hacking tools. Many experts suspect Russia is responsible. FireEye’s customers include federal, state, and local governments and top global corporations.
The Guardian reports Russian actors are suspected. The government isn’t saying anything more than that. They know it was the work of a nation-state.
Last night the Cybersecurity and Infrastructure Security Agency (CISA) issued a rare Emergency Directive 21-01 in response to a KNOWN COMPROMISE involving SolarWinds Orion products.
This was only the fifth Emergency Directive issued by CISA under Congress’s authorities in the Cybersecurity Act of 2015.
CISA reported a breach of the SolarWinds Orion products.
This Emergency Directive called on all federal civilian agencies to immediately review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products.
THE RAID?
A guest on Hannity’s radio show said there was a raid on SolarWinds. He was correct in saying the malware dates back to March.
He added that the FBI, Texas Rangers, and US marshals are looking seriously at the systems.
Given that Dominion Voting Systems uses Solar Winds software, one must wonder if the hackers were involved in the election.
On Hannity’s radio show, a guest said:
The agency that is supposed to oversee this type of intrusion, this type of Trojan Malware virus, affects the nation or even the world and finds them. Well, his agency was asleep. They didn’t find that they were out in the wilds since March. I do have a bit of a breaking news for you here, Sean. I’m here in Texas. I have a good friend who’s a ranger who passed to me that the FBI, the Texas Rangers, and the US Marshals are all at the SolarWinds headquarters in Austin, Texas, and they are currently looking very seriously at the systems there… There is other news that will be coming out about the CEO and Executive Vice President as well.
2/ and has reportedly surrendered his passport to US officials. Indicates they may have been aware of the breach long before it was disclosed. To put it mildly, this is an important one to watch.
H/T to @TheSharpEdge1 for the link.
— Murray 🇺🇸 (@Rothbard1776) December 14, 2020
Subscribe to the Daily Newsletter
