Last night the Cybersecurity and Infrastructure Security Agency (CISA) issued a rare Emergency Directive 21-01, in response to a KNOWN COMPROMISE involving SolarWinds Orion products.
This was only the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015.
CISA reported a breach of the SolarWinds Orion products.
This Emergency Directive called on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
So guess who uses SolarWinds?
Dominion Voting Systems uses SolarWinds products.
It’s right there on their website.
This afternoon John Basham on Hannity told the popular conservative host the FBI, US Marshals and Texas Rangers were raiding SolarWinds headquarters in Austin Texas!
John Basham Hannity Guest: The agency that is supposed to oversee this type of intrusion, this type of Trojan Malware virus that affects the nation or even the world in this case and to find them. Well, his agency was asleep. They didn’t find that they were out in the wilds since March. I do have a bit of a breaking news for you here, Sean. I’m here in Texas. I have a good friend who’s a ranger who passed to me that the FBI, the Texas Rangers and the US Marshals are all at the SolarWinds headquarters in Austin, Texas and they are currently looking very seriously at the systems there… There is other news that will be coming out about the CEO and Executive Vice President as well.
BREAKING per guest on @seanhannity’s radio show: “The FBI, Texas Rangers & US Marshals are all at the SolarWinds HQ in Austin, TX” looking at their systems. Notes the Executive VP sold 57k shares [$1.2M] on 11/9. The CEO, Kevin Thompson, had sold 700k shares [$15M] 10 days later https://t.co/DPN8u1z9I1
— Murray 🇺🇸 (@Rothbard1776) December 14, 2020
For the record — We have been looking for more information on this so-called raid and contacted friends in Austin but have not yet confirmed this incident.
More on the SolarWinds attack.
Krebs on Security reported on the attack.
In a security advisory, Austin, Texas based SolarWinds acknowledged its systems “experienced a highly sophisticated, manual supply chain attack on SolarWinds Orion Platform software builds for versions 2019.4 HF 5 through 2020.2.1, released between March 2020 and June 2020.”
In response to the intrusions at Treasury and Commerce, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) took the unusual step of issuing an emergency directive ordering all federal agencies to immediately disconnect the affected Orion products from their networks.
UPDATE– John Basham flagged us on Twitter saying he did not use the word “raid” to describe the federal officials at the SolarWinds headquarters in Austin.
Hey @gatewaypundit That “Hannity Guest” Was Me & The Only Correction I Have For Your Article…I Did Not Describe The Investigation In Austin At Solarwinds As A “Raid”, But They Had A Building Full Of Agents, Rangers, & Deputy Marshals (Primarily FBI Agents) https://t.co/BduyE01R3Q
— John Basham 🇺🇲 (@JohnBasham) December 15, 2020