Last Updated on February 17, 2022
Months after the 2020 US election, new reports have emerged indicating that Chinese hackers exploited SolarWinds software to access government computers.
According to a report by Reuters, the FBI has learned that the National Finance Center was affected by the cyber attack, potentially compromising thousands of government employees in what is now believed to be a Chinese operation.
Per the NFC website, the agency provides payroll services to more than 600,000 federal employees whose banking information, email addresses, phone numbers, and social security numbers are held in their records.
The perpetrators are believed to have used “computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies” supposedly “at the same time as the alleged Russian hack.” It appears that the alleged Chinese hackers exploited a bug within the compromised Orion platform to “spread across” networks.
The full extent of this supposed operation is currently unknown, including exactly how many government agencies were impacted.
While the Reuters report said “the suspected connection to China and ensuing U.S. government breach have not been previously reported,” it is worth noting that National File has reported multiple times on the increasingly revealing connections between the SolarWinds breach and Communist China.
Back in May, SolarWinds partnered with M.Tech “to solve IT challenges and monitor, manage, and secure their applications, servers, data, infrastructure, and networks across on-premises, hybrid, and multi-cloud environments,” in China shortly after the company was breached. SolarWinds has 4 Chinese distribution partners along with M.Tech including Westcon Solutions China, Kunlan Solutions (China) Inc, and Beijing KaiYao Co.,Ltd, as National File reported.
Just days before the initial announcement of the cyberattack, SolarWinds investors Silver Lake and Thoma Bravo sold $280 million dollars in SolarWinds shares, raising suspicions of insider trading. SolarWinds board member Ken Hao “led the establishment” of Silver Lake, a 75 billion dollar equity firm, into China, as National File reported.
SolarWinds board member Seth Boro, who according to SolarWinds “currently serves on the board of directors of several software and technology service companies in which certain investment funds advised by Thoma Bravo hold an investment,” bought JD Power from XIO Group, a mysterious Chinese company, for $1.8 billion dollars just months before the cyber attack, as National File reported.
“Most XIO employees knew little about where its funding came from. Some advisers to XIO received differing accounts.
The J.D. Power deal was completed amid a wave of overseas acquisitions by cash-rich, privately owned Chinese companies. Some of them have unclear ownership structures that bankers and lawyers say can be a source of confusion.”
National File confirmed on December 17 that Dominion Voting Systems uses SolarWinds Serv-U product. DVS denied using the compromised Orion software, but they did remove references and links to SolarWinds off their website amid reports of the breach.
On December 19, President Donald Trump said on Twitter that China “may be responsible” for the SolarWinds cyberattack, but that the mainstream media would not admit it “due to financial reasons.”
These new revelations come weeks after former DNI John Ratcliffe confirmed that China had sought to interfere in the 2020 US election in a letter written to Congress, in which he said that information relating to Chinese election interference was suppressed by high level officials at the CIA, as National File reported.
National File will continue to uncover the truth as more evidence of China’s connection to the disastrous SolarWinds cyber attack comes to surface.