The FBI recently discovered that the National Finance Center (NFC) was the target of hackers, possibly from the Chinese Communist Party (CCP) who allegedly spied on the data of hundreds of thousands of federal employees.
In this attack, the intruders used different techniques from those reported last month and attributed to alleged Russian hackers, reported Reuters on Feb. 2.
Cyberattckers used flaws in SolarWinds Corp. software
What the two groups of cyberattackers have in common is the use of flaws in software manufactured by SolarWinds Corp. to break into government computer systems.
The extent of the previous attack was enormous, and lawmakers labeled it a national security emergency because it affected some 18,000 agencies.
This time the Department of Agriculture (USDA), on which the NFC depends, reported that it had “notified all customers (including individuals and organizations) whose data has been affected by the SolarWinds Orion code compromise.”
The SolarWinds report only mentions one hacked customer and was inconclusive in pinpointing the source of the offenders.
Palo Alto Networks’s deputy director of threat intelligence at Unit 42, Jen Miller-Osborn, felt, “It appears SolarWinds was a high-value target for more than one group.”
National Finance Center (NFC) hacked
Although the FBI did not report what data or how much had been taken, the dimensions of the NFC could be taken as a reference.
According to its website, it “provides services to more than 160 diverse agencies” related to the payrolls of more than 600,000 federal employees.
The data it handles includes social security and phone numbers, as well as users’ email addresses and banking information. These include FBI, State Department, Department of Homeland Security, and Treasury Department agents.
It should also be noted that SolarWinds is used in the systems of some 300,000 organizations worldwide and many U.S. federal agencies, including the military, the Pentagon, the State Department, the NASA, the National Security Agency, the Department of Justice, and the White House.
Meanwhile, the FBI, U.S. Marshals, and Texas Rangers raided SolarWinds’s Austin, Texas, headquarters on Dec. 14 on charges of negligence.