In a wide-spread cyber-attack on US federal agencies and enterprises, hackers also broke into the networks of NASA and the Federal Aviation Administration (FAA), The Washington Post has reported, saying the Biden administration is reportedly preparing sanctions against Russia as the cybercriminals are “likely Russian in origin”.
Nine federal agencies and about 100 private sector companies were compromised as a result of the SolarWinds hack, the White House said last week.
NASA and the FAA were named ahead of a Senate Intelligence Committee hearing tasked with investigating the widespread cyberattack.
A spokesperson for NASA did not dispute the report but declined to comment citing an “ongoing investigation.”
A spokesperson for the FAA did not respond to a request for comment.
The other federal agencies that were attacked include the Departments of Commerce, Energy, Homeland Security, Justice and State, the Treasury and the National Institutes of Health.
The cyber-attacks were discovered last year after FireEye reported its own network was breached.
Although the hack was “likely of Russian origin,” the hackers launched their attack from inside the US, Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, said in a briefing.
To carry out the attack, hackers installed a malware in the Orion software sold by the IT management company SolarWinds.
“As you know, roughly 18,000 entities downloaded the malicious update. So the scale of potential access far exceeded the number of known compromises,” Neuberger said, adding that many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions.
“The hackers launched the hack from inside the United States, which further made it difficult for the US government to observe their activity,” she added.
The top cybersecurity official informed that the intelligence community is looking at who is responsible.
Earlier media reports suggested that the hackers compromised at least 250 federal agencies and top enterprises in the US.
According to Microsoft, the hackers compromised ‘SolarWinds’ software allowing them to “impersonate any of the organisation’s existing users and accounts, including highly privileged accounts.”
Microsoft said it had discovered its systems were infiltrated “beyond just the presence of malicious ‘SolarWinds’ code.”
It may take several months for the US government to complete the investigation into the SolarWinds hack.