
Suspected Chinese hackers used SolarWinds bug to spy on US agency, insiders say

  • The software flaw exploited by the suspected Chinese group is separate from the one allegedly used by Russian operatives
  • The development marks a new twist in the massive cybersecurity breach that US lawmakers have called a national security emergency

The SolarWinds logo is seen outside the company’s headquarters in Austin, Texas, in December. Photo: Reuters
Reuters

Suspected Chinese hackers exploited a flaw in software made by SolarWinds Corp to help break into US government computers last year, according to five people familiar with the matter, marking a new twist in a sprawling cybersecurity breach that US lawmakers have labelled a national security emergency.

Two people briefed on the case said FBI investigators recently found that the National Finance Centre, a federal payroll agency inside the US Department of Agriculture, was among the affected organisations, raising fears that data on thousands of government employees may have been compromised.

The software flaw exploited by the suspected Chinese group is separate from the one the United States has accused Russian government operatives of using to compromise up to 18,000 SolarWinds customers, including sensitive federal agencies, by hijacking the company’s Orion network monitoring software.

Security researchers have previously said a second group of hackers was abusing SolarWinds’ software at the same time as the alleged Russian hack, but the suspected connection to China and ensuing US government breach have not been previously reported.

It wouldn’t be the first time we’ve seen a nation-state actor surfing in behind someone else, it’s like ‘drafting’ in Nascar
Gregory Touhill, former US chief information security officer

Reuters was not able to establish how many organisations were compromised by the suspected Chinese operation. The sources, who spoke on condition of anonymity to discuss ongoing investigations, said the attackers used computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies.
