Cyber Attacks On US Government - New Evidence

Uploaded on 2021-01-04 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

The wide ranging and successful cyber attacks on US government agencies and numerous private companies, including Microsoft, widely believed to have been undertaken by state-sponsored Russian hackers which was  first reported in December 2020, may in fact have begun much earlier. 

US investigators originally thought that the attacks on government agencies and private industry targets began in March or April 2020, including breaches of Treasury, State, Commerce and Energy Departments. The Treasury and Commerce departments were both confirmed as having been affected and others may have been breached. 

The hack, which may still be ongoing, appears to have begun as long ago as October 2019, when hackers first breached the Texas software company SolarWinds, which provides technology monitoring services to government agencies and 425 of the Fortune 500 companies. The hacking campaign entered US government and private systems by surreptitiously tampering  with and inserting malware into  updates released by SolarWinds. 

The attacks work by hiding malicious code in the body of legitimate software updates that are provided to the hacking targets by third parties. That malicious code gave the highly professional hackers remote access to an organization’s networks so they could steal information. State-backed Russian hackers were identified as the suspects, although Russia has firmly denied any involvement.

Microsoft said that the hackers were unable to get into emails or its products and services and that they were not able to modify the company's vital  source code which they were able to view, Microsoft did not say how long hackers were inside its networks and initially denied that it was breached in the attack.

Hackers gained entry into networks by getting more than 18,000 private and government users to download a tainted software update. Once inside, they were able to monitor internal emails at some of the top agencies in the US. “We still don’t have for the private sector, or for that matter the public sector, any mandatory reporting” on major hacking incidents, said senator Mark  Warner, Vice-Chair of the Senate Intelligence Committee  said. “The amount of time it’s taking to assess the (latest) attack, it is taking longer than we would like to take,” he added. Warner also said the lack of US laws and policy to counter such major hacks is the product of a “lack of policy" that precedes the Trump administration. 

The massive data breach, revealed in the final weeks of Trump's administration is a dramatic finale for the Trump Presidency which has been accused of excessive deference to Russia and unsuccessful attempts to warm relations with President, Vladimir Putin. "There has been obviously a reluctance out of this White House to call out Russia repeatedly.... I don’t believe that is a problem of the intelligence community. I think that is a problem of the White House" Senator Warner told reporters.

This large scale and sophisticated operation is perhaps the biggest known cyber attack against against US federal government networks in years. 

New York Times:      CNN:      Yahoo:        Guardian:          Reuters:

You Might Also Read:

Is This The Hack Of The Decade?:

 

« Cyber Security In 2021 - Predictions & Trends
Six Big Features Of Cyber Security In 2021 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Solarflare

Solarflare

Solarflare is a leading provider of intelligent networking I/O software and hardware platforms that accelerate, monitor and secure network data.

Patchstack

Patchstack

Patchstack (formerly WebARX) is a web application security platform, which allows digital agencies and developers to monitor, protect and maintain their websites.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

Relution

Relution

Relution is the Unified Endpoint Management platform for innovative companies and educational institutions. It enables you to manage your mobile apps and devices easily and securely.

National Forensic Sciences University (NFSU)

National Forensic Sciences University (NFSU)

National Forensic Sciences University is the world’s first and only University dedicated to Digital Forensic and allied Sciences.

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic's main goal is toward establishing an international reference centre for excellence in the field of digital forensics and data recovery services.

ISA Global Cybersecurity Alliance (ISAGCA)

ISA Global Cybersecurity Alliance (ISAGCA)

Objectives of the ISA Global Cybersecurity Alliance include the acceleration and expansion of standards, certification, education programs, advocacy efforts, and thought leadership.

Kindus

Kindus

Kindus is an IT security, assurance and cyber security risk management consultancy.

Forever Group

Forever Group

Forever Group is a Managed Services Provider specialising in Telecommunications, IT Support, and Cyber Security.

IntelliGenesis

IntelliGenesis

IntelliGenesis provide comprehensive cyber, data science, analysis, and software development services that provide tailored, secure solutions for your critical data and intelligence needs.

QGroup

QGroup

QGroup has been re-designing the consultancy industry since 2012. We're a rapidly expanding group of consulting companies that deliver bespoke IT services including cybersecurity.

Cyber Command - Romania

Cyber Command - Romania

Cyber Command represents the military authority responsible for the development, protection and resilience of military IT networks and services that support the Romanian Force Structure.

Quantropi

Quantropi

Quantropi is bound to be the standard for quantum-secure data communications – forever unbreakable, no matter what.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

ITC Federal

ITC Federal

ITC Federal delivers IT cybersecurity assessment services to support agencies in meeting their security strategies and federal security compliance goals.

Ultima

Ultima

Ultima are on a mission to help businesses unlock their true potential by using the right IT to protect your company’s revenue and reputation – 24/7.