Report: Suspected Chinese Hackers Targeted U.S. Payroll Agency Via Separate Bug in SolarWinds Orion Code

Report: Suspected Chinese Hackers Targeted U.S. Payroll Agency Via Separate Bug in SolarWinds Orion Code
Cyber Attack

A group of suspected Chinese hackers used a vulnerability in SolarWinds software to breach U.S. government networks and a payroll agency within the U.S. Department of Agriculture (USDA) – National Finance Center (NFC) – was one of the government organizations affected by the cyber attack, Reuters reported Tuesday.

Sources said the operation of suspected hackers from China was different from the one carried out by threat actors allegedly linked to Russia because it exploited a different flaw in SolarWinds Orion code to compromise and penetrate deeply into government networks.

The NFC oversees the payroll of several federal agencies, including the FBI and the departments of the Treasury, State and Homeland Security, according to former officials. A spokesman for USDA said the department has informed all customers, including organizations and individuals, whose information has been affected by the SolarWinds Orion compromise.

SolarWinds said it was aware of one customer that was targeted by the second group of threat actors but had “not found anything conclusive” to identify who was behind the attack. The company noted that the hackers failed to access its own systems and that it had issued an update to address the software flaw in December.

You may also be interested in...

Anthony Iasso

Anthony Iasso Named Xator CTO; CEO David Scott Quoted

The Xator Corporation announced on Friday that Anthony Iasso has been appointed the company’s new chief technology officer. Xator CEO David Scott elaborated that Iasso would take advantage of Xator’s key investments in the company’s acquisitions and tech capabilities to further propel its solution offerings for its customers.