SolarWinds hackers also compromised NASA systems

According to a report published by The Washington Post, the National Aeronautics and Space Administration (NASA) and the US Federal Aviation Administration (FAA) were also compromised during the recent attack on the SolarWinds supply chain through the SolarWinds Orion solution. Although it was originally seen as an attack on private organizations, this shows that the incident also affected a considerable number of public institutions.

Authorities have not officially spoken out about it, although specialists believe the U.S. government has been aware of this incident for a few weeks now, when national security adviser Anne Neuberger stated that they were aware of at least nine federal agencies engaged during this incident.

In this regard, the Department of Transportation issued a statement in which they claim to be investigating the report. On the other hand, a NASA spokesperson mentions that a team from the Agency for Cybersecurity and Infrastructure Security (CISA) is working on a detailed investigation to find any possible traces of malicious activity.

About the group responsible for the attack, specialists mention that this campaign could be linked to a group identified as StellarParticle, also known as UNC2452, SolarStorm or Dark Halo.

Microsoft is one of the companies that has invested the most resources for investigating this incident, which has allowed its security teams to develop a detailed timeline regarding the attack. In addition to its description of the context in which the SolarWinds Orion hack occurred, Microsoft ensures that public agencies such as:

  • US Treasury Department
  • National Telecommunications and Information Administration (NTIA)
  • State Department
  • National Institute of Health (NIH)
  • US Department of Homeland Security (DHS)
  • Department of Energy (DOE)
  • National Nuclear Safety Administration (NNSA)

In early 2021, the US Administrative Office revealed an investigation revealing a possible commitment by computer systems operating in U.S. federal courts, as well as a possible attack on their storage systems. Moreover, Microsoft also reported that SolarWinds hackers also managed to download snippets of the source code from developments such as Azure or Exchange.

Although considered ideologically opposed to former President Trump, Joe Biden’s administration could also implement some sanctions on the Russian government for its alleged involvement in these campaigns, although no official pronouncement has been issued. To learn more about information security risks, malware, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.