UK Use of Software Linked To Russia-Hack Runs Deep

The little-known Texas software company that’s been attacked by suspected Russian hackers has a sprawling reach among U.K. government agencies, potentially putting clients from the National Health Service to police forces at risk. From a report: SolarWinds, which fell victim to hackers who put a “backdoor” in the software giving them access to users’ computer networks, has been deployed by the U.K.’s Ministry of Justice and the intelligence and security organization GCHQ. Procurement records also show that police forces from Scotland to Cornwall have also used the software. The Home Office, which oversees policing, posted a job opening for a software engineer for the “implementation of a fully resilient platform and architecture SolarWinds Orion monitoring system based upon the upgrade of the existing installation” in 2018. “We are continuing to investigate this incident and have produced guidance for SolarWinds’ Orion suite customers,” said a spokesperson for the U.K. National Cybersecurity Centre. Representatives for the Home Office and the Ministry of Justice referred requests for comment to the NCSC. “We have issued a high severity alert to the NHS which explains the action to take to mitigate this threat,” a spokesperson for NHS said in a statement. “We have been working closely with the National Cyber Security Centre to investigate this issue robustly. So far, we have no indication of any malicious activity, but our investigation is ongoing.”