By Raphael Satter
WASHINGTON (Reuters) – IT company SolarWinds said on Sunday that monitoring products it released in March and June of this year may have been surreptitiously tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation state.”
The statement came as the U.S. intelligence community urgently investigates breaches at several government agencies, including the U.S. Treasury and Department of Commerce. The breach – which two people familiar with the investigation said was connected to a previously announced intrusion at cybersecurity firm FireEye – is currently believed to be the work of Russians.
SolarWinds did not directly comment on the breaches but said it is “acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters. As such, we are limited as to what we can share at this time.”
(Reporting by Raphael Satter; Editing by Daniel Wallis)
