Hacking green.JPG
Kacper Pempel/Reuters
  • Federal computer systems in Washington DC are under attack in a “significant and ongoing” effort by an outside state or organization, according to joint task force of federal intelligence agencies.
  • “This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the FBI said in a statement.
  • The FBI hasn’t said who is responsible for the attack, but Sen. Richard Blumenthal said classified briefings blamed Russian hacking group Cozy Bear. 
  • “Today’s classified briefing on Russia’s cyber attack left me deeply alarmed, in fact downright scared,” said Sen. Richard Blumenthal. 
  • Visit Business Insider’s homepage for more stories.

A group of US intelligence agencies warned on Wednesday of a “significant and ongoing” cyberattack that has compromised federal computer networks in Washington. A senator said Russia was responsible.  

“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” said a statement from the FBI on Wednesday.

The agency said it was part of a whole-of-government effort to stop the attack, joining with investigators from the Cybersecurity Infrastructure Security Agency, and the Office of the Director of National Intelligence to form a task force called the Cyber Unified Coordination Group.

The group said the attack was significant, but didn’t say whether it was coming from a state or independent network. 

“As the lead for threat response, the FBI is investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors,” said the FBI in a statement. 

Sen. Richard Blumenthal, however, said the "stunning" attack originated in Russia from a hacking network called Cozy Bear, according to a series of tweets. He said he had learned of the attack in a classified briefing and was "deeply alarmed. In fact, downright scared."

Blumenthal pushed for details to be made public. 

"Americans deserve to know the impact of this staggering cyberattack - & how Cozy Bear reportedly slipped into systems under our sleuths' noses. With no sign of a timeline for disclosure, I'll be demanding more facts," he wrote on Twitter on Wednesday. 

The FBI's statement came two days after CISA issued an "Emergency Directive," saying the widely used SolarWinds Orion software had been comprised. Its products "are currently being exploited by malicious actors," said the FBI.  

The attack may have begun months ago, with bugged code included in a software update. The CISA directive included detailed steps federal employees should take to stop the attack, including conducting a forensic analysis on their systems. CISA called for all agencies using the software to immediately disconnect them. 

"The compromise of SolarWinds' Orion Network Management Products poses unacceptable risks to the security of federal networks," said Brandon Wales, CISA's acting director, in a statement.

Said Wales: "Tonight's directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners - in the public and private sectors - to assess their exposure to this compromise and to secure their networks against any exploitation."  

It's only the fifth time CISA has issued an emergency directive under 2015's Cybersecurity Act

 

 

Read the original article on Business Insider