CISA issues rare emergency directive after suspected Russian hacking campaign

The big picture: News of the hack came less than week after cybersecurity company FireEye revealed that nation-state hackers had penetrated its network and stolen its hacking its tools.

• The Washington Post reported that the Russian hacking group APT29, also known as Cozy Bear and believed to have ties to Russia's Foreign Intelligence Service (SVR), is behind the campaign.
• SolarWinds, the company whose software is believed to have been compromised, says it has 300,000 customers worldwide, including "all five branches of the U.S. military, the Pentagon, the State Department, NASA, the National Security Agency, the Department of Justice and the White House," per AP.

What they're saying: "Based on our analysis, we have now identified multiple organizations where we see indications of compromise dating back to the Spring of 2020, and we are in the process of notifying those organizations," FireEye wrote in a blog post.

• "Our analysis indicates that these compromises are not self-propagating; each of the attacks require meticulous planning and manual interaction.

Worth noting: President Trump fired the previous director of CISA, Christopher Krebs, last month after Krebs undermined him by calling the U.S. election "the most secure in American history."