
© Solarwinds
BREAKING BIG — The Cybersecurity and Infrastructure Security Agency (CISA) on Sunday night issued Emergency Directive 21-01, in response to a KNOWN COMPROMISE involving SolarWinds Orion products.
This was only the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015.
Via the
Cybersecurity and Infrastructure Security Agency.
WASHINGTON - The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
"The compromise of SolarWinds' Orion Network Management Products poses unacceptable risks to the security of federal networks," said CISA Acting Director Brandon Wales. "Tonight's directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners — in the public and private sectors — to assess their exposure to this compromise and to secure their networks against any exploitation."
This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a complete report to CISA by 12 pm Eastern Standard Time on Monday, December 14, 2020.
The liberal media is blaming the attack and breach on the 'Russians'?.
Comment: More from the
Gateway Pundit:
This Emergency Directive called on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
So guess who uses SolarWinds?
Dominion Voting Systems uses SolarWinds products. It's right there on their website.
Dominion is still not powered down.
Ron at CodeMonkeyZ
CISA was caught with their pants down, but immediately began to shift blame to those eeevil 'Russian hackers'. RT
reports:
Hackers targeted the US Treasury and the Commerce Department's National Telecommunications and Information Administration - and there was concern among US intelligence agencies that the same perpetrators might have gained access to other government agencies' internal communications, Reuters reported on Sunday, citing sources "familiar with the investigation."
The intruders apparently gained access to internal emails through Microsoft's Office 365 cloud-based service, with anonymous sources calling the attack "highly sophisticated" and thus definitely perpetrated by a "nation state." As many as three of those sources said Russia is "currently believed" to be behind the attack. To dispel any doubts, Reuters recalled a recent embarrassing hack of a preeminent US cybersecurity firm, FireEye, which was also blamed on Moscow simply because that would be "consistent" with what anonymous officials and mainstream media report about Russia.
The breach was discovered just recently and allegedly led to a high-profile National Security Council meeting at the White House this weekend, but there was indication that some of the communications had been accessed illicitly as early as this summer.
While neither Microsoft nor the Treasury Department have issued comments yet, the Commerce Department confirmed a breach at one of its agencies, but offered no details.
We have asked the Cybersecurity and Infrastructure Security Agency and the FBI to investigate, and we cannot comment further at this time
Social media jumped in with further details and some speculation:
:
Apparently someone knew what was up because now comes news that SolarWinds Co. Director Aurora Co-Invest L.P. Slp
sold 2,079,823 shares of the business's stock in a transaction
last Monday, December 7th. Nothing fishy about that . . . .

© Market Beat
R.C.