Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency
According to five individuals familiar with a story of a cybersecurity breach, they reported to Reuters about an attempt to exploit a software flaw by some suspected Chinese hackers. This breach was in a bid to break into the United States Government’s computers through the software developed by Solar Winds Corp.
This story brings about an appalling twist to the already increasing rates of cybersecurity breaches wherein U.S. lawmakers have been forced to describe as a case of a national security emergency.
The FBI Investigators Report
The FBI investigators of this case found a clue during their investigation; the National Finance Center, which doubled as a payroll agency and merged alongside with the United States Department of Agriculture, was amidst the list of organizations affected and inherently raising fear and panic regarding the security of data and information being safe-guarded containing government and citizens information being ultimately compromised.
However, the suspected Chinese group’s exploitation is different from the Russian government operatives where the U.S. accused of compromising nearly 18,000 SolarWinds customers, additionally, compromising federal agencies of high authority through the process of an Orion Network monitoring software hijack.
From the security researchers’ reports, they propose a second wave of attackers abusing the SolarWinds software simultaneously while the alleged Russian hack was in effect. Still, they connect their leads to China.
Reuters have not been able to develop the exact number of compromised organizations by the alleged Chinese operation. We are made to understand the computer technologies used for the operation have been formally deployed by some Chinese cyberspies backed by the state.
The USDA (United States Department of Agriculture) Report
In an email sent by a USDA Spokesman, “USDA has notified all of its customers whose data have been compromised due to the SolarWinds Orion Code Hack.”
After this mail was sent, the follow-up statement was published. A different USDA spokesperson denied the breach and reassured the public of all their customer’s information’s safety and security. And after this statement, further statements and questions were not answered or provided.
The Chinese Foreign Ministry
The Chinese foreign ministry stated that cyberattacks are strictly a “complex technical issue” and should be treated as such. If anybody or party has an allegation to make, they must present such with concrete evidence. And also made sure to declare the persistent efforts China takes to rebuke and combat any form of cyberattack and theft of any form.