Close to 200 organizations were hacked by Russia as part of the cybersecurity attack on SolarWinds, a third party software contractor, that has compromised multiple government agencies, Bloomberg News reported.
Massachusetts-based cyber security firm Recorded Future identified 198 people that were hacked by a malicious update, threat analyst Allan Lisa told the news outlet.
Three people familiar with the inquiry told Bloomberg the hack further compromised at least 200 victims by attempting to move in their computer networks or gain user credentials.
About 18,000 SolarWinds customers received the malicious update, according to Bloomberg. Of that number, more than 1,000 experienced a malicious code ping that gave hackers further access to sensitive networks.
The identities of the victims were not provided to Bloomberg, and the number is expected to grow as the the investigation continues.
A spokesperson for SolarWinds told the news outlet that it “remains focused on collaborating with customers and experts to share information and work to better understand this issue.”
The Hill has reached out to SolarWinds and Recorded Future for comment and confirmation of the inquiry.
The analysis comes as America grapples with the fallout of the hack, which some have suggested could have amounted to an act of war. The Cybersecurity and Infrastructure Protection Agency said this week that the attack posed a “grave risk” to government and private sector organizations.
Reuters first reported last Sunday that the Treasury Department and an agency in the Commerce Department were compromised as part of the breach into SolarWinds. The Washington Post later reported that Russian military intelligence unit “Cozy Bear” was allegedly behind the attack.
During an interview on “The Mark LevinMark Reed LevinJudicial interference and the coming constitutional crisis Dwayne Johnson touts surge in Instagram followers after his Biden endorsement: ‘Always speak your truth’ Ted Cruz hits Fox’s Wallace for ‘train wreck’ debate, pitches new idea for moderators MORE Show” Friday, Secretary of State Mike PompeoMike PompeoChampioning Democracy: How America can blunt the rise of authoritarian powers Azar tells Health Department staff his wife has COVID-19: ‘Mild symptoms but otherwise doing well’ Pompeo speaks with Turkish counterpart following US sanctions MORE said “we can say pretty clearly that it was the Russians that engaged in the activity.”
Yet President TrumpDonald TrumpTrump signs bill to keep government open amid relief talks US to close two Russia consulates ‘Guardians of the Galaxy’ trends on social media following new Space Force name MORE downplayed the hack on Saturday, questioning whether the Russia was really behind the cyber attack, saying on Twitter that “everything is well under control.”
“Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!),” Trump tweeted.
Multiple government agencies have reportedly been compromised over the past week, including the State Department, Department of Defense and agencies within the Department of Energy.