Widely Used Software Company May Be Entry Point for Huge U.S. Hacking

In a statement on its blog, JetBrains said it had not been contacted by government or security agencies.

“We have not been contacted by any government or security agency regarding this matter, nor are we aware of being under any investigation,” Maxim Shafirov, the company’s chief executive, said in a post Wednesday. “If such an investigation is undertaken, the authorities can count on our full cooperation.”

SolarWinds confirmed Wednesday that it used TeamCity software to assist with the development of its software and was examining the software as part of its investigation. The company said it had yet to confirm a definitive link between JetBrains and the breach and compromise of its own software.

SolarWinds has said that 18,000 customers downloaded its compromised software, but investigators believe Russia was judicious in which of those networks it gained access to, making it difficult to quickly assess the damage.

In the joint announcement, officials said they believed the Russian hackers stopped at 10 federal agencies, but an internal assessment by Amazon, which has been examining hackers’ tools, believes the total number of victims in government and the private sector could be upward of 250 organizations.

Microsoft also announced on Dec. 31 that its network was breached by the same intruders, and confirmed that they viewed the company’s source code. It has not said which products may have been compromised. CrowdStrike, a security firm, confirmed last month that it was targeted, unsuccessfully, through a company that sells software on behalf of Microsoft. Those resellers help set up Microsoft software and often have broad access to clients’ systems, which Russia’s hackers could exploit on untold numbers of Microsoft customers.

The Justice Department did not learn of, and close off, the vulnerability in its Microsoft Outlook email system until Dec. 24, some 10 days after the SolarWinds compromise of government computers became public, officials said.

source: nytimes.com