The Department of Energy added its name to the growing list of federal agencies impacted by the compromise of the SolarWinds Orion product. However, while DOE found malicious software on its networks, it has uncovered no evidence that critical systems were affected. “At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration,” department spokeswoman Shaylyn Hynes said in a statement. “When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.”
Cybersecurity, Privacy, & AI
Trending Now
Report From FDLI Annual Meeting: FDA’s Expanding Use of AI – What Regulated Industry Should Know • NIST Revises SP 800-70 | National Checklist Program for IT Products: Guidelines for Checklist Users and Developers • Cyberattacks Are Now Part of US Counterterrorism Strategy • What’s Driving the Air Force OT Cyber Office’s Massive FY 2027 Budget Request? • DHS Units to Re-Up Contract With Controversial Mobile Device Data Extractor
DOE: SolarWinds-Related Malware on IT Networks, but Critical Systems Unaffected
Jon Kraft | Shutterstock
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.