Russian hackers targeted NASA and FAA as part of SolarWinds attack

<div id="cke_pastebin">
In a wide-spread cyber-attack on US federal agencies and enterprises, hackers also broke into the networks of NASA and the Federal Aviation Administration (FAA), <em>The Washington Post </em>has reported, saying the Biden administration is reportedly preparing sanctions against Russia as the cybercriminals are "likely Russian in origin".</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
Nine federal agencies and about 100 private sector companies were compromised as a result of the SolarWinds hack, the White House said last week.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
NASA and the FAA were named ahead of a Senate Intelligence Committee hearing tasked with investigating the widespread cyberattack.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
A spokesperson for NASA did not dispute the report but declined to comment citing an "ongoing investigation."</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
A spokesperson for the FAA did not respond to a request for comment.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
The other federal agencies that were attacked include the Departments of Commerce, Energy, Homeland Security, Justice and State, the Treasury and the National Institutes of Health.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
The cyber-attacks were discovered last year after FireEye reported its own network was breached.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
Although the hack was "likely of Russian origin," the hackers launched their attack from inside the US, Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, said in a briefing.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
To carry out the attack, hackers installed a malware in the Orion software sold by the IT management company SolarWinds.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
"As you know, roughly 18,000 entities downloaded the malicious update. So the scale of potential access far exceeded the number of known compromises," Neuberger said, adding that many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
"The hackers launched the hack from inside the United States, which further made it difficult for the US government to observe their activity," she added.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
The top cybersecurity official informed that the intelligence community is looking at who is responsible.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
Earlier media reports suggested that the hackers compromised at least 250 federal agencies and top enterprises in the US.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
According to Microsoft, the hackers compromised 'SolarWinds' software allowing them to "impersonate any of the organisation's existing users and accounts, including highly privileged accounts."</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
Microsoft said it had discovered its systems were infiltrated "beyond just the presence of malicious 'SolarWinds' code."</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
It may take several months for the US government to complete the investigation into the SolarWinds hack.</div>
<div id="cke_pastebin">
 </div>
<div id="cke_pastebin">
<em>(IANS) </em></div>