The number of US agencies and private companies reportedly affected by the SolarWinds data breach continues to rise. At least six federal agencies are contending with attack damage. As of Wednesday evening, US officials understood the cyber campaign to be ongoing.
Microsoft has stated that its infrastructure is under cyber forensics investigation, and 40 of its clients experienced impact due to the breach, as they utilized SolarWinds’ software. Of the clients whose enterprises are in jeopardy, at least 80% are located in the US, while the remainder lie scattered across Canada, Mexico, Belgium, Spain, the UK, Israel and the United Arab Emirates.
Over 40% of affected organizations included businesses in the information technology space; software firms, it services and equipment providers. Just shy of 30% of affected groups included government agencies and government contractors. The remainder of the affected organizations provide an assortment of services across the finance, health, and telecommunications sectors. Microsoft’s President, Brad Smith, states that he anticipates seeing additional organizations added to this list.
Image courtesy of Microsoft.
“In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency,” Smith asserted.
The public sector and the private sector in the US are joining the global community in determining the full extent of what’s taken place here, how to prevent future cyber campaigns of this nature, and the broader implications of this breach.
Update: Via the SolarWinds’ breach, cyber attackers gained access to the US Department of Justice’s email client. “At this point, the number of potentially accessed O365 mailboxes appears limited to around 3-percent and we have no indication that any classified systems were impacted,” stated DOJ spokesperson, Marc Raimondi.
“The number of [federal victims] is likely to grow with further investigation,” stated Brandon Wales, the acting director of the US Cybersecurity and Infrastructure Security Agency.
Cyber infiltration into the DOJ was first reported on Christmas Eve. The DOJ employs a workforce of 115,000 and 3 percent means that only 3,450 or so email accounts were compromised in the breach.
“…there’s a lot of confidential and sensitive information that is transmitted and stored on unclassified systems, a lot of information that would be of interest to a foreign state who was trying to learn about our intentions and our planning,” stated John Demers, assistant attorney general for US national security.