A group of suspected Chinese hackers used a vulnerability in SolarWinds software to breach U.S. government networks and a payroll agency within the U.S. Department of Agriculture (USDA) – National Finance Center (NFC) – was one of the government organizations affected by the cyber attack, Reuters reported Tuesday.
Sources said the operation of suspected hackers from China was different from the one carried out by threat actors allegedly linked to Russia because it exploited a different flaw in SolarWinds Orion code to compromise and penetrate deeply into government networks.
The NFC oversees the payroll of several federal agencies, including the FBI and the departments of the Treasury, State and Homeland Security, according to former officials. A spokesman for USDA said the department has informed all customers, including organizations and individuals, whose information has been affected by the SolarWinds Orion compromise.
SolarWinds said it was aware of one customer that was targeted by the second group of threat actors but had “not found anything conclusive” to identify who was behind the attack. The company noted that the hackers failed to access its own systems and that it had issued an update to address the software flaw in December.