Cyber Attacks On US Government - New Evidence

The wide-ranging and successful cyber attacks on US government agencies and numerous private companies, including Microsoft, which were first reported in December 2020 and are widely believed to have been undertaken by state-sponsored Russian hackers, may in fact have begun much earlier.

US investigators originally thought that the attacks on government agencies and private industry targets, including breaches of the Treasury, State, Commerce and Energy Departments, began in March or April 2020. The Treasury and Commerce departments were both confirmed as having been affected and others may have been breached.

The hack, which may still be ongoing, appears to have begun as long ago as October 2019, when hackers first breached the Texas software company SolarWinds, which provides technology monitoring services to government agencies and 425 of the Fortune 500 companies. The hacking campaign entered US government and private systems by surreptitiously tampering with, and inserting malware into, updates released by SolarWinds.

The attacks work by hiding malicious code in the body of legitimate software updates that are provided to the hacking targets by third parties. That malicious code gave the highly professional hackers remote access to an organization’s networks so they could steal information. State-backed Russian hackers were identified as the suspects, although Russia has firmly denied any involvement.

Microsoft said that the hackers were unable to get into emails or its products and services and that they were not able to modify the company's vital source code, which they were able to view. Microsoft did not say how long hackers were inside its networks and initially denied that it was breached in the attack.

Hackers gained entry into networks by getting more than 18,000 private and government users to download a tainted software update. Once inside, they were able to monitor internal emails at some of the top agencies in the US. “We still don’t have for the private sector, or for that matter the public sector, any mandatory reporting” on major hacking incidents, said Senator Mark Warner, Vice-Chair of the Senate Intelligence Committee. “The amount of time it’s taking to assess the (latest) attack, it is taking longer than we would like to take,” he added. Warner also said the lack of US laws and policy to counter such major hacks is the product of a “lack of policy” that precedes the Trump administration.

The massive data breach, revealed in the final weeks of Trump's administration, is a dramatic finale for the Trump Presidency, which has been accused of excessive deference to Russia and unsuccessful attempts to warm relations with President Vladimir Putin. "There has been obviously a reluctance out of this White House to call out Russia repeatedly.... I don’t believe that is a problem of the intelligence community. I think that is a problem of the White House," Senator Warner told reporters.

This large-scale and sophisticated operation is perhaps the biggest known cyber attack against US federal government networks in years.

Sources: New York Times, CNN, Yahoo, Guardian, Reuters
