China Hacked U.S. Payroll Agency Via SolarWinds: Reuters : China : Business Times
btimesonline.com

China Hacked U.S. Payroll Agency Via SolarWinds: Reuters

By Elizabeth Utley
February 03, 2021 06:40 pm
The U.S. will improve federal computer network and software security in the aftermath of the SolarWinds attack. (Photo : Sergio Flores/Reuters)

While Russian hackers were exploiting a software flaw in government vendor Solarwinds last year, China was conducting similar operations, Reuters sources said Wednesday.

Federal Bureau of Investigation investigators recently discovered that data from the National Finance Center - a federal payroll agency managed by the U.S. Department of Agriculture - had been compromised in an attack by China hackers, according to two people familiar with the case.

China has denied involvement and "resolutely opposes and combats any form of cyberattacks and cyber theft," according to its foreign ministry.

The NFC is a payroll service provider for a range of government agencies like the FBI, Homeland Security and the State Department. It outsources software development to third party vendors including Solarwinds. These parties are given privileged access to internal networks.

"We are aware of one instance of this happening and there is no reason to believe these attackers were inside the SolarWinds environment at any time," the company said in a statement.

"This is separate from the broad and sophisticated attack that targeted multiple software companies as vectors."

In 2020, Russian operatives breached Solarwinds' digital defenses via a bug in the company's Orion software to access information of up to 18,000 customers including American federal agencies.

The hackers planted a hidden "back door" in Orion software updates that were sent to customers. Users who clicked the update installed malware giving access to computer files and controls to whoever is on the other end of the bug.

China took a different route, Reuters sources said, by exploiting another vulnerability in the Orion code which Solarwinds said was fixed in December.

The agriculture department "has notified all customers (including individuals and organizations) whose data has been affected by the SolarWinds Orion Code Compromise," a representative said.

"The SolarWinds incident underscores the global and transborder nature of cyber threats," Singapore's Minister for Communications and Information S. Iswaran said Wednesday in response to questions in parliament about the country's own digital security.

© 2023 Business Times All rights reserved. Do not reproduce without permission.
Loading ...

Most Popular

  1. 1 Muted Market Reaction as Hong Kong Gears Up for Spot Crypto ETF Listings
  2. 2 Hunter Biden's Legal Team Threatens Fox News with Imminent Lawsuit Over Alleged Defamation and 'Revenge Porn'
  3. 3 Three U.S. Marshal Task Force Officers Killed, Multiple CMPD Officers Wounded in Charlotte Shootout
  4. 4 NHTSA Launches Investigation into Ford's BlueCruise Technology Following Two Fatal Crashes
  5. 5 Bob Bakish to Step Down as Paramount Global CEO, Trio to Lead Amid Merger Speculations
  6. 6 Prince Andrew and Sarah Ferguson's Marriage to be Examined in New Book by Royal Biographer Andrew Lownie
  7. 7 King Charles Open to Reconciliation with Prince Harry, but Meghan Markle Deemed 'Toxic' by Royal Commentator
© Copyright 2024 Business Times rights reserved.
About Us Contact Us Privacy Policy Terms&Conditions