SolarWinds has revealed how monitoring products it released earlier this year may have been tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation state.” The statement came as the US intelligence community urgently investigates breaches at several government agencies, including its Treasury and Department of Commerce.
The breach is currently believed to be the work of Russian hackers.
Although SolarWinds has not yet directly comment on the breaches the IT company has said it is “acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters.”
It added: “As such, we are limited as to what we can share at this time.”
Several unnamed sources have said SolarWinds’ vast network of federal clients has caused concern among US intelligence officials.
They believe this could put other agencies at risk.
One source was quoted as saying: ”This is a much bigger story than one single agency.
“This is a huge cyber espionage campaign targeting the U.S. government and its interests.”
The Russian government has vehemently denied any involvement in the hack attacks.
In a statement posted on Facebook, Russia’s foreign ministry described the allegation as, “another baseless attempt by American media to accuse Russia of hacking on U.S. government authorities.”
“Russia does not conduct ‘offensive’ operations in a virtual environment.
“The Russian Federation is actively promoting bilateral and multilateral cybersecurity agreements.”
