European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021.
The EU official response is based on the results of an investigation conducted by the EU Computer Emergency Response Team (CERT-EU).
CERT-EU confirmed that 14 EU agencies were running the SolarWinds Orion monitoring software, and six of them were breached. Anyway, the CERT-EU did not reveal the name of the EU agencies that installed the tainted Orion updates.
In December 2020, SolarWinds revealed that 18,000 customers might have been impacted by the cyber attack against its supply chain. The alarming data emerged in a filing with the Securities and Exchange Commission (SEC) on Monday.
Nation-state actors, allegedly Russia-linked hackers have compromised the networks of several US government agencies, including the US Treasury, the Commerce Department’s National Telecommunications and Information Administration (NTIA). The hack allowed the threat actors to spy on the internal email traffic.
A report published by the Washington Post, citing unnamed sources, attributes the attacks to APT29 or Cozy Bear, the Russia-linked APT that’s believed to have recently compromised the top cybersecurity firm FireEye.
In January, the US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack.
“CERT-EU officials claimed that they don’t have a full picture as EU official bodies are not required to report security incidents to their agency, with reporting taking place on a voluntary basis.” states TheRecord that first reported the news. “In the cases they received information, CERT-EU said that some agencies sent limited details on the attacks, and, while in other reports, network logs, used to hunt for clues about the hackers’ actions, were often not available.”
Last week, the EU also disclosed a separate security breach of multiple official bodies in an attack still shrouded in mystery.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, SolarWinds)
[adrotate banner=”5″]
[adrotate banner=”13″]
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
This website uses cookies.