OLYMPIA — The agency that handles technology for Washington state government is responding to “known security vulnerabilities” to its systems after the federal government issued warnings that software had been breached in what could have been an attack by Russian hackers.
Washington Technology Solutions, the state agency known as WaTech, is responding to the warning by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), according to the office of Gov. Jay Inslee.
CISA on Sunday announced an emergency directive for “a known compromise involving SolarWinds Orion products … exploited by malicious actors.”
It advised federal government agencies “to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.”
Washington state government “leverages this tool set as part of its IT operations and is taking steps to address known security vulnerabilities,” according to a WaTech statement passed along by Inslee’s office.
“At this time, WaTech’s state Office of Cybersecurity (OCS) is responding to the incident to ensure the mitigation steps are completed and to safeguard state systems,” the statement continued.
“This situation is fluid, and we are following the guidance of our federal partners and vendors in the intelligence community on how to address this issue,” the statement added.
In an email, Andrew Garber, a spokesperson for WaTech, wrote that the agency uses the SolarWinds Orion Platform to monitor their network.
The state does not give details about the IT network for security reasons, Garber wrote, but “There are currently no known impacts to state services.”
A 2018 report conducted for WaTech noted that SolarWinds products were used for several tasks, such as tracking and measuring “server up-time” and “for monitoring network status.”
Tuesday’s revelation comes after hackers breached the networks of the U.S. Treasury and Commerce departments as part of a monthslong global cyberespionage campaign … in an attack that industry experts said bore the hallmarks of Russian tradecraft, according to news reports.
In response to that, CISA, which is a part of the U.S. Department of Homeland Security, issued its emergency directive.