Cybersecurity

Dozens of US organizations also used software targeted by Russian hackers: analysis

Several major technology and accounting firms are among 24 U.S. organizations that used software targeted by Russian hackers in a cyberattack that breached federal agencies, according to The Wall Street Journal.

The newspaper’s analysis found that Cisco Systems, Intel Corp. and accounting company Deloitte used the SolarWinds network monitoring software, along with Kent State University and the California Department of State Hospitals.

Cisco told the newspaper it discovered the malware on a handful of employee and laboratory systems, saying the matter remains under investigation.

“At this time, there is no known impact to Cisco offers or products,” a company spokesman told the Journal.

Intel also said it is investigating but has uncovered no indication the perpetrators accessed its network through the backdoor they installed.

Deloitte said it has not “observed indications of unauthorized access to our systems at this time.” The accounting firm was infected in late June, according to the Journal.

Kent State, meanwhile, said it was “aware of the situation and [is] evaluating this serious matter.”

The California Department of State Hospitals told the newspaper it is in touch with state and federal agencies on the fallout from the hack.

Activity related to the hack dates back to October 2019, according to SolarWinds.

The Kremlin has denied responsibility for the attack, but the State and Justice departments have both concluded Russian intelligence is responsible for the attack.

“If this is indeed [Russian intelligence service] SVR, as we believe it is, those guys are incredibly hard to kick out of networks,” Dmitri Alperovitch, a cybersecurity expert and co-founder of the Silverado Policy Accelerator think tank, told the paper.