Canada Is Accessing Solarwinds Hack And Suspects The Russian Hackers Of Spying

 

 

 

The Canadian security officials are now looking forward to a significant hack south of the border that appears to have appeared to have penetrated the top U.S. government agencies and have left the officials there scrambling to limit the loss.

On Monday, the reporters reported that the Department of Homeland Security, the Treasury Department, and the Department of Commerce were amongst thousands of business and government entities that were hit by the attack that appears to have let the hackers monitor the operations for nine months before being detected.

Evan Koronewski, the spokesperson for the CSE stated that CSE and its Canadian Centre for Cyber Security (Cyber Centre) are aware of the media reporting about a major cyber incident that has affected the U.S. government and also added that they are assessing the situation and shall continue to work with the government partners, including Shared Services Canada, to ensure that their networks remain secure and no information gets compromised.

Koronewski also said that the CSE’s Cyber Centre has issued both an alert to the public and the bulletins privately to the government and the non-government partners advising of the incident. However, it’s not clear whether any Canadian government systems may also be impacted or not.

It was on Sunday when the hack was first revealed and has been caused by downloads of software updates to a data management software called SolarWinds, which the hackers had thereby corrupted with some malicious code.

There are multiple American media reports citing sources that state the breach to be so serious that the officials have convened an emergency meeting of the National Security Council.

The resources cited three sources who have pointed the finger at Russia. Moreover, the U.S. Cybersecurity and Infrastructure Security Agency have issued a warning on Sunday following the news of the hack, and have urged the federal agencies to look over their networks for any signs of a breach and then shut down the SolarWinds software products immediately.

Brandon Wales, the agency’s acting director said that the compromise of SolarWind’s Orion Network Management Products thereby poses unacceptable risks to the security of federal networks. He also said that the directive is intended to mitigate potential compromises within the federal civilian networks and that they urge all their partners, both in the public and the private sectors to assess their exposure to this compromise and to secure their networks against any exploitation.

The Canadian Cyber Center has also laid out advice for the businesses wanting to assess their risk but has not yet issued an emergency order akin to that from the American agency.