U.S. government was hit with a seemingly new kind of cyber attack

December 14, 2020

The U.S. government was hit with a seemingly new kind of cyber attack that gave hackers access to sensitive email systems possibly as early as March. The attack was only discovered this weekend, according to Reuters, whose cybersecurity reporter Chris Bing broke the story Sunday afternoon. And its discovery was “so serious it led to a National Security Council meeting at the White House on Saturday,” Bing reports. 

Rewind: You may remember last week the cybersecurity firm FireEye announced that it had been hacked by an unknown “nation-state.” The new discovery of these federal-level breaches is the result of FireEye’s post-attack forensics, which you can read in full, here.

Known targets (so far) include the U.S. Treasury and Commerce Departments, according to the Wall Street Journal. Those targets appear to have been hit thanks to a malicious software update apparently secretly injected into Orion technology management software products from the Austin-based network-management firm SolarWinds. The New York Times described it as “one of the most sophisticated and perhaps largest hacks in more than five years.” 

In other words, this appears to be a potentially wide-scale “supply chain hack,” a kind of operation that is quite difficult and can require many months of planning and long-game strategizing to align the right personnel and skill sets for just the right opportunity. And it’s all very serious because by noon today, every federal agency that uses SolarWinds products must shut them down — and submit a “completion report” to the Department of Homeland Security.

Feds scramble amid biggest hack in years; COVID vaccine arrives; NDAA passes over veto threat; Electors vote today; And a bit more.

The D Brief



Atop the list of likely culprits: Russia’s foreign-intelligence service, according to the Journal. “Hackers believed to be working for Russia” is how Reuters describes the suspects. “[A]lmost certainly a Russian intelligence agency,” the Times reports. (For the record, Russia’s foreign ministry says the allegations are unsubstantiated. More from Russian state-sponsored media, here.)

SolarWinds says its customers include all five branches of the U.S. military, the Pentagon, State Department, NASA, NSA, the Postal Service, NOAA, the Department of Justice, and the Office of the President of the United States. They also serve more than 400 of Fortune’s top 500 companies, including Lockheed Martin, as well as “All five of the top five US accounting firms,” “All ten of the top ten US telecommunications companies,” and “Hundreds of universities and colleges worldwide.”

“This is a much bigger story than one single agency,” one person familiar with the matter told Reuters. “This is a huge cyber espionage campaign targeting the U.S. government and its interests.”

On the bright side, FireEye officials told the Journal “the attacks weren’t like a worm that automatically attacks different systems and that, instead, each individual attempted intrusion required ‘meticulous planning and manual interaction.’”

What now? Every single federal civilian agency needs “to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately,” the Cybersecurity and Infrastructure Security Agency said in an emergency alert Sunday evening. Meanwhile, multiple federal agencies are investigating. And that includes the FBI and FireEye. 

Don’t be surprised if that target list grows substantially — beyond the Treasury and Commerce departments — over the next several days, prominent infosec specialists Dmitri Alperovitch and Jake Williams told the Associated Press. More here.

For your ears only: Go back in time to review the history of cyberwarfare with the last episode in our three-part podcast series from the summer of 2019. In it you’ll learn, at least in part, how Alperovitch’s own professional history parallels some of Russia and China’s biggest and most impactful hacks in the 21st century. Grab your headphones and start listening here.


Published by technofiend1

Kazan. He graduated in Economics in 1982 from Kazan National Research Technical University named after A. N. Tupolev (Казанский национальный исследовательский технический университет имени А. Н. Туполева).
