Notebookcheck Logo

Alleged Russian cyber attack allegedly exposed US deep state secrets through "Orion" data breach

Experts remain unsure about the extent of the damage caused by the cyber attack (Image source: Panda Security)
Experts remain unsure about the extent of the damage caused by the cyber attack (Image source: Panda Security)
Multiple US government branches, including the Department of Commerce, and an unknown number of private sector players have been hit by a massive cyber attack. Experts still remain uncertain about the volume of sensitive information that's been secreted beyond borders by hackers with alleged ties to the Russian government.
Business Cyberlaw Desktop Internet of Things (IoT) Security

Multiple arms of the US government, as well as private sector players, have been hit by what appears to have been a cyber attack of an unprecedented scale. The Cybersecurity and Infrastructure Security Agency described the hack as a "grave risk" to both public and private networks. 

The US Department of Energy was among the affected branches of government and had earlier released a statement confirming this. The data breach was at least in part due to vulnerabilities with Orion software from SolarWinds, an IT management vendor widely contracted by US government agencies and private sector firms. 

Microsoft alone identified over 40 clients who were compromised as part of the attack, and the vulnerability could potentially affect as many as 17,000 SolarWinds customers. An attack heatmap shared by Microsoft seems to add credence to a Russian source of origin for the hack. The map indicates that targets across the world (apart from Russia) were affected, though 80 percent of affected systems were in the United States. 

Due to the attackers obfuscating data during exfiltration, it's still unclear as to exactly what kind of damage has been done. 

This heatmap indicates that most targeted devices were in the United States (Image source: Microsoft)
This heatmap indicates that most targeted devices were in the United States (Image source: Microsoft)

Source(s)

The Guardian

Related Articles

FCC terms Kaspersky as a security risk. (Image source: Michael Geiger)
Kaspersky joins Huawei and ZTE as a national security threat on the FCC's entity list 03/28/2022
T-Mobile has experienced a data breach and customers may be affected by SIM swapping and their network information may have been leaked. (Image: Mika Baumeister)
T-Mobile hit with a data breach 12/29/2021
A Russian court has fined Google US$98 million. (Image source: Google)
A Russian court slaps Google with a US$98 million fine for failing to delete illegal content 12/24/2021
A huge number of Facebook accounts might be in danger after data from a 2019 leak surfaces online
Failbook: Personal data of roughly 530 million accounts from 106 countries leaks online 04/05/2021
STALKER 2 could potentially feature mod support on the Xbox Series X/S (Image source: GSC Game World)
Further details about STALKER 2 unveiled in Russian podcast: advanced A-Life AI, Xbox Mod support, and more 03/09/2021
Hotfix 1.11 is the latest update for Cyberpunk 2077 on consoles, PC and Stadia. (Image source: CDPR)
Cyberpunk 2077 Patch 1.1 delivers all-round improvements for the PlayStation 4 with little joy for the Xbox One; Hotfix 1.11 fixes game-breaking Down on the Street bug 01/29/2021
Several updates for Cyberpunk 2077 are due this year, including a next-generation optimised version. (Image source: CDPR)
CDPR apologises for Cyberpunk 2077, announce updates roadmap for 2021 and appears to postpone online multiplayer until 2022 01/14/2021
Over 20GB of confidential design data and files were stolen from Intel in a security breach (Image source: Panda Security)
Hackers steal over 20GB of confidential design data from Intel in massive data breach 08/07/2020
Hackers could conceivably leverage the Secure Enclave exploit to steal personal data and biometric info from iOS users (Image source: Panda Security)
Alarming “Unpatchable” exploit in Apple’s Secure Enclave could put the data of millions of users at risk, per Chinese hackers 08/03/2020
The Nintendo 3DS. (Source: Nintendo)
Nintendo 3DS bugs are no longer eligible for the HackerOne program 07/01/2020
Facebook apparently has a data hemorrhage. (Source: Facebook)
Over 260 million Facebook profiles have been found to be on sale on hacker forums 04/23/2020
Microsoft security researchers discover new cyber attack through Internet of Things connected devices
Microsoft security researchers discover new cyber attack through Internet of Things connected devices 08/06/2019
Read all 3 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
.170
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2020 12 > Alleged Russian cyber attack allegedly exposed US deep state secrets through "Orion" data breach
Arjun Krishna Lal, 2020-12-18 (Update: 2020-12-18)