Skip to Content
© Erik Lattwein | Dreamstime.com
Security & privacy

US government cyberattack: It’s bad and it’s getting worse

Hackers are more than capable of destroying your life with nothing more than a computer in hand. Thanks to the rise of cyberattacks and malware, it’s easy for them to break into networks, steal data and sell it to the highest bidder.

This is why network security is more important than ever. Without a strong Wi-Fi network to protect your data, you’re a sitting duck for hackers to prey upon. Tap or click here to see how to keep hackers out of your home network.

Now, a massive cyberattack has hit the U.S. government, allegedly orchestrated by Russian hackers to steal highly sensitive government and public information. While it was initially believed to have occurred through a single compromised software program, that is no longer the case.

Hacking the cyberattack anti-hacking tools

The hackers reportedly attacked cybersecurity company FireEye, using sophisticated malware to breach Orion software from SolarWinds. But according to a statement from the NSA, many of the victims never used SolarWinds’ Orion.

To enter multiple government systems, hackers targeted an upgrade of the Orion software, which is being used by 17,000 customers.

To make matters worse, the hackers essentially hacked the government’s anti-hacking tools. “The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the U.S. government and the tech tools used by firms to protect them,” wrote Microsoft’s Brad Smith in a blog post.

RELATED: Russian hackers hacked our hacking methods

In essence, the hackers are looking for information on how the U.S would conduct a cyberattack of its own.

Affected government branches include the Commerce Department, Department of Homeland Security, Pentagon, Treasury Department, U.S. Postal Service and National Institutes of Health.

The U.S. Energy Department also discovered evidence of the same malware used to breach the National Nuclear Security Administration (NNSA). They explained, however, that mission-essential national security functions remained intact.

RELATED: 7 ways to delete yourself from the internet

SolarWinds was alerted to the possibility of a cyberattack by a security engineer last fall. While it has since been rectified, the engineer found several updated servers on the public internet. All the servers had the password ‘solarwinds123’ at login.

Not just government systems are at risk

Tunneling through Orion software and government systems, it is believed that the hackers managed to gain entry to thousands of corporate, private business and organizational networks.

Reports indicate that victims are as far abroad as Europe, Asia and the Middle East. These include oil and gas companies, consulting firms, technology developers, and telecommunications infrastructure.

As part of the investigation into the still-ongoing attacks, Microsoft added that it has become evident that the hacking campaign is “remarkable for its scope, sophistication and impact.” Shockingly, many security departments agree that the attacks have been going on for several months already.

RELATED: Millions of smart devices are vulnerable to hackers! 6 ways to protect yourself

The Cybersecurity and Infrastructure Security Agency (CISA) has been at the forefront of the investigation and candidly explained its severity.

It put the Federal Government at risk and the systems on a state, local, tribal and territorial government level. Saying that the tactics, techniques and procedures used “have not yet been discovered” and pose a serious risk to the American public.

How to protect personal information from a cyberattack

While government authorities are investigating the breach and trying to plug the holes, it is advised that you take steps to protect your personal information. This is especially important if you log in to government websites like the IRS, Small Business Administration or Social Security Administration.

RELATED: 5 ways you’re being tracked that you can stop right now

Here are some ways to protect your info:

  • Change your passwords ASAP: Passwords for everything from online bank accounts to IoT devices in your home need to be unique and difficult to crack. Tap or click here to see how to create stronger passwords.
  • Make sure all of your devices are up to date: If automatic updates are available for your device’s operating systems, hardware or software, enable this feature to help.
  • Protect your IoT devices: If you have IoT devices in your home, keep them on a separate network from your computers.
  • Never keep a device’s default password: One critical mistake people make is not changing default passwords on things like their modem or router. This makes it ridiculously easy for a hacker to take control of your network. You might need to look at your device’s manual for specific instructions on how to change the default settings. Tap or click here to lookup thousands of user manuals online for free.
  • Protect your devices with strong antivirus software: Tap or click here to find out which option is best for your PC or Mac.

Also, watch out for targeted phishing scams, bogus emails or text messages. Never give out your personal information to anyone you don’t know through unsolicited messages, and independently verify any suspicious claims.

Stop robocalls for good with Kim’s eBook

Robocalls interrupt us constantly and scam Americans out of millions of dollars every year. Learn Kim's best tricks for stopping annoying robocalls in this handy guide.

Get the eBook