National: Hack at Treasury and Commerce spurs emergency order from CISA | Justin Katz/FCW
The Cybersecurity and Infrastructure Security Agency late Sunday night issued an emergency directive in response to a sophisticated cyberattack mandating all federal civilian agencies stop using SolarWinds’ Orion products “immediately.” “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA acting Director Brandon Wales. The “directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners — in the public and private sectors — to assess their exposure to this compromise and to secure their networks against any exploitation.” CISA also said that federal agencies using SolarWinds products should provide a completion report to the CISA by noon Monday. SolarWinds, which provides IT management and monitoring products, boasts a long list of government customers including the Defense Department, NASA and NSA as well as “425 of the U.S. Fortune 500″ companies,” according to company’s website, The order is just the fifth binding operational directive issued by CISA in its history. Hackers – likely backed by Russia, according to analysts and government sources – breached both the Commerce and Treasury Departments’ networks, Reuters first reported Sunday afternoon. The news hit several days after FireEye announced its own network was compromised and cyber exploits used to test client networks were stolen.
Full Article: Hack at Treasury and Commerce spurs emergency order from CISA — FCW