Federal intelligence agency urges Canadian firms to update SolarWinds software after massive U.S. data breach
Article content continued
The security breach is believed to be linked to Russian operators, and could be related to the earlier hack last week of U.S. cybersecurity firm FireEye Inc., according to some media reports citing security experts.
“We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack,” SolarWinds said in a statement Monday.
The U.S. Federal Bureau of Investigation is investigating whether Russia’s APT 29, also known as Cozy Bear, carried out the FireEye attack, but hasn’t ruled out other culprits like China, a person familiar with the investigation told Bloomberg. The U.S. government has told FireEye that Russia was behind the attack, but the cybersecurity firm hasn’t independently verified that, according to a person familiar with the discussions.
We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack
SolarWinds
Cozy Bear recently tried to steal coronavirus vaccine research in the U.S., U.K. and Canada, according to the authorities.
The series of attacks could rank as among the worst in recent memory, though much remains unknown, including the motive and scope of the hacks.
“We have identified a global campaign that introduces a compromise into the networks of public and private organizations through the software supply chain,” FireEye said in a blog post late Sunday, without naming a specific group for the breach.
FireEye told clients on Sunday that it was aware of at least 25 entities hit by the attack, according to people briefed by the company.