The Cybersecurity and Infrastructure Security Agency (CISA) issued a rare Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products this week.
This was only the fifth Emergency Directive issued by CISA since 2015 and concerned a breach of the SolarWinds Orion products.
This Emergency Directive called on all federal civilian agencies to urgently review their networks for signs of compromise and disconnect or power down SolarWinds Orion products immediately.
Guess who also uses SolarWinds? Dominion Voting Systems.
This afternoon a guest on Hannity told the popular conservative host the FBI, US Marshals and Texas Rangers were raiding SolarWinds headquarters in Austin Texas!
Hannity Guest: The agency that is supposed to oversee this type of intrusion, this type of Trojan Malware virus that affects the nation or even the world in this case and to find them. Well, his agency was asleep. They didn’t find that they were out in the wilds since March. I do have a bit of a breaking news for you here, Sean. I’m here in Texas. I have a good friend who’s a ranger who passed to me that the FBI, the Texas Rangers and the US Marshals are all at the SolarWinds headquarters in Austin, Texas and they are currently looking
For the record — We have been looking for more information on this so-called raid and contacted friends in Austin but have not yet confirmed this incident.
very seriously at the systems there… There is other news that will be coming out about the CEO and Executive Vice President as well.
BREAKING per guest on @seanhannity’s radio show: “The FBI, Texas Rangers & US Marshals are all at the SolarWinds HQ in Austin, TX” looking at their systems. Notes the Executive VP sold 57k shares [$1.2M] on 11/9. The CEO, Kevin Thompson, had sold 700k shares [$15M] 10 days later https://t.co/DPN8u1z9I1
— Murray 🇺🇸 (@Rothbard1776) December 14, 2020
More on the SolarWinds attack.
Krebs on Security reported on the attack.
In a security advisory, Austin, Texas based SolarWinds acknowledged its systems “experienced a highly sophisticated, manual supply chain attack on SolarWinds Orion Platform software builds for versions 2019.4 HF 5 through 2020.2.1, released between March 2020 and June 2020.”
In response to the intrusions at Treasury and Commerce, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) took the unusual step of issuing an emergency directive ordering all federal agencies to immediately disconnect the affected Orion products from their networks.