Min menu


SolarWinds hackers targeted NASA and the federal aviation administration


SolarWinds hackers have hacked into NASA and the Federal Aviation Administration (FAA) networks as part of a broader spying campaign targeting U.S. government agencies and private companies.

The two agencies were named by The Washington Post, and a NASA spokesman did not question the report but declined to comment, noting that the investigation was continuing.

NASA and the Federal Aviation Administration are believed to be the remaining agencies whose names have not been disclosed to the nine government agencies confirmed to have breached the attack.

The other seven include the Ministries of Commerce, Energy, Internal Security and Justice, the Treasury, And National Institutes of Health, although the attackers are not believed to have violated secret networks.

FireEye, Microsoft, and Malwarebytes were among a number of cybersecurity companies that were also hacked as part of the attacks.

The Biden administration is reportedly preparing to impose sanctions on Russia, in large part because of the hacking campaign, the paper said.

The attacks were discovered last year after FireEye sounded the alarm about the hacking campaign after it penetrated its own network.

The victims include all clients of the American software company SolarWinds, which uses its own network management tools in the federal government and companies.

The hackers hacked into the SolarWinds network, planted a back door in its software, and sent the back door of customer networks through a software update.

SolarWinds hackers are also said to have targeted other companies by breaking into other devices through victim networks, as well as targeting Microsoft vendors to hack into other customers' networks.

Last week, Anne Neuberger, former director of cybersecurity at the National Security Agency, who is now deputy national security adviser for electronic technology in the Biden administration, said: Planning and carrying out the attack took months, and we need some time to uncover everything.

Representatives from the affected companies said during a hearing of the U.S. Senate Intelligence Committee that the true extent of the breach is still unknown because most victims are not legally required to disclose attacks unless they contain sensitive information about individuals.

Microsoft said its researchers believe that at least 1,000 professional engineers have worked to penetrate SolarWinds.