Israeli companies at risk after suspected Russian hackers spied on U.S. Treasury emails
Hackers got into U.S. government systems by surreptitiously tampering with updates released by IT company SolarWinds, which also serves companies and governmental bodies in Israel
Prologic Ltd, which represents SolarWinds in Israel, said: "SolarWinds has announced that it has suffered a sophisticated cyberattack in which several updates of its Orion platform that were released between March 2020 and June 2020 were hacked. All the signs point to a nation state-backed attack which was intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack. In order to protect their work environment, clients of the Orion platform are requested to download as soon as possible the latest update released in the past few hours by SolarWinds. Full details can be found in this link.
"We at Prologic, together with our partners and network of integrators active around the solutions provided by SolarWinds in Israel, are at the service of the company's clients and will update our customers with any new information and guidance that we receive."The hack is so serious it led to a National Security Council meeting at the White House on Saturday, one of the people familiar with the matter told Reuters. U.S. officials have not said much publicly beyond the Commerce Department confirming there was a breach at one of its agencies and that they asked the Cybersecurity and Infrastructure Security Agency and the FBI to investigate. The U.S. government has not publicly identified who might be behind the hacking, but three of the people familiar with the investigation said Russia is currently believed to be responsible for the attack. Two of the people said that the breaches are connected to a broad campaign that also involved the recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts. In a statement posted to Facebook, the Russian foreign ministry described the allegations as another unfounded attempt by the U.S. media to blame Russia for cyberattacks against U.S. agencies.