Hackers penetrated the US nuclear weapons agency via SolarWinds supply chain attack

The SolarWinds supply chain attack has affected many organizations. This time, hackers have penetrated a large number of well-known government and enterprise organizations through SolarWinds software.

Recently, Microsoft and Cisco were confirmed to be affected by the attack. The latest organization confirmed to be affected is the National Nuclear Security Administration (NNSA), which is responsible for managing US nuclear weapons.

The NNSA is an agency of the US Department of Energy. It is mainly responsible for the management and maintenance of US nuclear weapons, as well as responding to nuclear and radiological emergencies. After an investigation, the agency confirmed that its business system used SolarWinds software and that virus samples were detected. It promptly disconnected the relevant computers from the network.

In the previous attacks that targeted the U.S. Department of Commerce and the U.S. Department of the Treasury, the investigation found that the hackers' main goal was to monitor institutions responsible for formulating relevant industry policies.

The NNSA was infiltrated this time, but the hackers seemed to be interested only in internal documents. The investigation showed that the focus of the hackers' attention was the US Department of Energy (DOE).

The committee is mainly responsible for the management and formulation of documents for the energy industry, and although the hackers have penetrated offices such as the US Department of Energy, they have not focused on them.

The situation at the NNSA is similar. Its business system has been infiltrated, and the hackers use that access to monitor the system and view the daily work of US federal employees.

As for the management systems related to nuclear weapons in the United States, they are all offline and have not been infected, and business systems are also isolated, so there is no horizontal spread.

Via: bleepingcomputer