Jump to content

Suspected Russian hacking spree used another major tech supplier -sources


Recommended Posts

Posted

Suspected Russian hacking spree used another major tech supplier -sources

By Joseph Menn

 

2020-12-17T193402Z_2_LYNXMPEGBG1RA_RTROPTP_4_GLOBAL-CYBER-SOLARWINDS.JPG

FILE PHOTO: SolarWinds Corp banner hangs at the New York Stock Exchange (NYSE) on the IPO day of the company in New York, U.S., October 19, 2018. REUTERS/Brendan McDermid/File Photo

 

SAN FRANCISCO (Reuters) -The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software made by SolarWinds that had been compromised.

 

Another major technology supplier was also compromised by the same attack team and used to get into high-value final targets, according to two people briefed on the matter.

 

The FBI and other agencies have scheduled a classified briefing for members of Congress Friday.

 

The U.S. Energy Department also said they have evidence hackers gained access to their networks as part of a massive cyber campaign. Politico had earlier reported the National Nuclear Security Administration, which manages the country's nuclear weapons stockpile, was targeted.

 

An Energy Department spokeswoman said malware "has been isolated to business networks only" and had not impacted U.S. national security, including the NNSA.

 

The Department of Homeland Security said in a bulletin on Thursday the spies had used other techniques besides corrupting updates of network management software by SolarWinds, which is used by hundreds of thousands of companies and government agencies.

 

"The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged," said DHS's Cybersecurity and Infrastructure Security Agency, referring to "advanced persistent threat" adversaries.

 

CISA urged investigators not to assume their organizations were safe if they did not use recent versions of the SolarWinds software, while also pointing out that the hackers did not exploit every network they did gain access too.

 

CISA said it was continuing to analyze the other avenues used by the attackers. So far, the hackers are known to have at least monitored email or other data within the U.S. departments of Defense, State, Treasury, Homeland Security and Commerce.

 

As many as 18,000 Orion customers downloaded the updates that contained a back door. Since the campaign was discovered, software companies have cut off communication from those back doors to the computers maintained by the hackers.

 

But the attackers might have installed additional ways of maintaining access in what some have called the biggest hack in a decade.

 

For that reason, officials said that security teams should communicate through special channels to ensure that their own detection and remediation efforts are not being monitored.

 

The Department of Justice, FBI and Defense Department, among others, have moved routine communication onto classified networks that are believed not to have been breached, according to two people briefed on the measures. They are assuming that the nonclassified networks have been accessed.

 

CISA and private companies including FireEye, which was the first to discover and reveal it had been hacked, have released a series of clues for organizations to look for to see if they have been hit.

 

But the attackers are very careful and have deleted logs, or electronic footprints or which files they have accessed. That makes it hard to know what has been taken.

 

Some major companies have issued carefully worded statements saying that they have "no evidence" that they were penetrated, but in some cases that may only be because the evidence was removed.

 

In most networks, the attackers would also have been able to create false data, but so far it appears they were interested only in obtaining real data, people tracking the probes said.

 

Meanwhile, members of Congress are demanding more information about what may have been taken and how, along with who was behind it. The House Homeland Security Committee and Oversight Committee announced an investigation Thursday, while senators pressed to learn whether individual tax information was obtained.

 

In a statement, President-elect Joe Biden said he would "elevate cybersecurity as an imperative across the government" and "disrupt and deter our adversaries" from undertaking such major hacks.

 

(Reporting by Joseph Menn and Chris Bing; Editing by Lisa Shumaker)

 

reuters_logo.jpg

-- © Copyright Reuters 2020-12-18
 
Posted

One thing I noticed about Russians is that a lot of them are highly educated. Go to your strengths. The US dumb down culture may yet be their undoing. Im not even thinking of China and India. 

  • Like 1
  • Thanks 1
Posted
9 minutes ago, simple1 said:

 

I worked it the IT industry for a number of years. US R&D and IP is outstanding, I do believe your critique is unfair. We don't know the level of penetration by US and other Western security agencies into Russian and other hostile countries infrastructure and agencies, but I suggest, if circumstances warranted, they would achieve their objectives.

Fair enough, I'm a layman. 

  • Like 2
Posted
15 hours ago, webfact said:

tentatively attributed to the Russian government

Amazing article.  The Russians are blamed in the headline and yet there is no evidence and they only get mentioned using 5 words in a two page article??  

  • Like 1
  • Thanks 1
Posted
29 minutes ago, ThaiFelix said:

Amazing article.  The Russians are blamed in the headline and yet there is no evidence and they only get mentioned using 5 words in a two page article??  

Its not much of an article. They are keeping China up their sleeves until the Xinjiang story runs out of puff.

  • Like 1
Posted
14 hours ago, dexterm said:

The Russians have been penetrating US security since March undetected. That's the cyber equivalent of a Russian bomber flying freely above US skies.
Trump's response...zero.


US records more covid deaths in a single day than the 911 terrorist attack.
Trump's response...zilch.

 

He's too busy peddling fake conspiracy theories about election fraud to help him fight for a job that he is clearly not doing.

 

Good riddance,Trump..the worst president in US history!

Sir you are far to kind!still no statement from trump on this grevious threat to our national security guess he’s to busy grifting the ...........his..........errr......(base).......

Posted
5 minutes ago, stevenl said:

Trump is pointing at china while pompeo is accusing russia. At the same time Trump is also saying the voting machines may have been hacked by china.

 

https://m.dw.com/en/trump-downplays-massive-us-cyberattack-points-to-china/a-55996519?maca=en-rss-en-world-4025-rdf

Lol! Every time Russia is accused orsuspevted, Trump tries to divert attention to another country: Ukraine, China, etc...

  • Like 1
Posted
1 minute ago, stevenl said:

All US intelligence agencies are pointing at russia, seems the signature was pretty clear.

There was no hacking in the elections.

 

Just the usual Trump falsehoods, again swallowed by his followers.

US intelligence have been wrong before, ie. Iraq WMD ????

  • Thanks 1
  • Haha 1
Posted
3 hours ago, GrandPapillon said:

US intelligence have been wrong before, ie. Iraq WMD ????

But they are not wrong this time.  Admit it.

  • Like 1
  • Thanks 1
Posted
On 12/18/2020 at 7:26 AM, Chomper Higgot said:

Silence from the WH.

 

But then what should we expect from Trump who stood before the world’s press and openly backed Putin over the US intelligence and security services.

 

Don’t be at all surprised that if he does address this he backs Russia.

Well I called that right didn’t I:

 

https://www.forbes.com/sites/tommybeer/2020/12/19/trump-still-wont-criticize-russia-claims-massive-cyber-hack-may-be-china-but-offers-no-evidence/?sh=11b915d2708a

 

Now fir for my next call:

 

Silence from Trump’s supporters and if they do have anything to say they’ll blame China.

Posted
4 hours ago, GrandPapillon said:

US intelligence have been wrong before, ie. Iraq WMD ????

The mistake the CIA made was following orders to overstate evidence to match the objectives of the Bush administration plan to invade Iraq.

  • Like 1
  • Thanks 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...