The chaos has been exacerbated by the recent departure of federal cybersecurity executive Christopher Krebs, who was fired as director of the Cyber and Infrastructure Security Agency (CISA) after contradicting President Trump’s groundless claims of election interference.Īccording to a Politico report, the growing scope of the crisis has pushed CISA’s resources to the breaking point. Several news outlets have reported that the breach affected the Department of Homeland Security, but the department has not made any official statement regarding its exposure.
Other organizations have been cagey about their own exposure, even within the federal government. In an article on Monday, The New York Times cited a number of organizations as vulnerable that are not cited on the public client page, including Boeing and Los Alamos National Laboratory. Before its removal, the page boasted a broad range of clients, including more than 425 of the companies listed on the Fortune 500 as well as the top 10 telecom operators in the United States.
SolarWinds’ overall client list includes a broad range of sensitive organizations. Still, there is much about the attack that remains unknown, and it is possible that additional compromises have yet to be discovered. Out of that 33,000, the company estimates that fewer than 18,000 were directly impacted by a malicious update, and the list of directly targeted companies is likely even smaller.
SolarWinds claims that only 33,000 companies use the Orion product, compared to its total client base of 330,000. The list of vulnerable companies is much smaller than SolarWinds’ overall client list, so simply appearing on the list doesn’t mean a company has been affected. “Many agencies don’t know how on fire they are yet”
0 kommentar(er)
