Suspected Russian hacking spree used another major tech supplier -sources

[webfact]

Suspected Russian hacking spree used another major tech supplier -sources

By Joseph Menn

 

FILE PHOTO: SolarWinds Corp banner hangs at the New York Stock Exchange (NYSE) on the IPO day of the company in New York, U.S., October 19, 2018. REUTERS/Brendan McDermid/File Photo

 

SAN FRANCISCO (Reuters) -The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software made by SolarWinds that had been compromised.

 

Another major technology supplier was also compromised by the same attack team and used to get into high-value final targets, according to two people briefed on the matter.

 

The FBI and other agencies have scheduled a classified briefing for members of Congress Friday.

 

The U.S. Energy Department also said they have evidence hackers gained access to their networks as part of a massive cyber campaign. Politico had earlier reported the National Nuclear Security Administration, which manages the country's nuclear weapons stockpile, was targeted.

 

An Energy Department spokeswoman said malware "has been isolated to business networks only" and had not impacted U.S. national security, including the NNSA.

 

The Department of Homeland Security said in a bulletin on Thursday the spies had used other techniques besides corrupting updates of network management software by SolarWinds, which is used by hundreds of thousands of companies and government agencies.

 

"The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged," said DHS's Cybersecurity and Infrastructure Security Agency, referring to "advanced persistent threat" adversaries.

 

CISA urged investigators not to assume their organizations were safe if they did not use recent versions of the SolarWinds software, while also pointing out that the hackers did not exploit every network they did gain access too.

 

CISA said it was continuing to analyze the other avenues used by the attackers. So far, the hackers are known to have at least monitored email or other data within the U.S. departments of Defense, State, Treasury, Homeland Security and Commerce.

 

As many as 18,000 Orion customers downloaded the updates that contained a back door. Since the campaign was discovered, software companies have cut off communication from those back doors to the computers maintained by the hackers.

 

But the attackers might have installed additional ways of maintaining access in what some have called the biggest hack in a decade.

 

For that reason, officials said that security teams should communicate through special channels to ensure that their own detection and remediation efforts are not being monitored.

 

The Department of Justice, FBI and Defense Department, among others, have moved routine communication onto classified networks that are believed not to have been breached, according to two people briefed on the measures. They are assuming that the nonclassified networks have been accessed.

 

CISA and private companies including FireEye, which was the first to discover and reveal it had been hacked, have released a series of clues for organizations to look for to see if they have been hit.

 

But the attackers are very careful and have deleted logs, or electronic footprints or which files they have accessed. That makes it hard to know what has been taken.

 

Some major companies have issued carefully worded statements saying that they have "no evidence" that they were penetrated, but in some cases that may only be because the evidence was removed.

 

In most networks, the attackers would also have been able to create false data, but so far it appears they were interested only in obtaining real data, people tracking the probes said.

 

Meanwhile, members of Congress are demanding more information about what may have been taken and how, along with who was behind it. The House Homeland Security Committee and Oversight Committee announced an investigation Thursday, while senators pressed to learn whether individual tax information was obtained.

 

In a statement, President-elect Joe Biden said he would "elevate cybersecurity as an imperative across the government" and "disrupt and deter our adversaries" from undertaking such major hacks.

 

(Reporting by Joseph Menn and Chris Bing; Editing by Lisa Shumaker)

 

-- © Copyright Reuters 2020-12-18

 

- Whatever you're going through, the Samaritans are here for you

- Follow Thaivisa on LINE for breaking COVID-19 updates

[tonray]

I guess the Russians needed to develop new sources now that Trump is on the way out.

[Tug]

It’s a big deal damage is still being assessed lots went wrong on trumps watch what a disaster on every level and in every way a true fubar 

[Chomper Higgot]

Silence from the WH.

 

But then what should we expect from Trump who stood before the world’s press and openly backed Putin over the US intelligence and security services.

 

Don’t be at all surprised that if he does address this he backs Russia.

[tonray]

This was Putin's message to Trump that he has outlived his usefullness. Wondering when the compromising info will be released.

[Scott]

Off-topic, troll post and replies removed.  Stay on topic, please.

 

[Phoenix Rising]

Trump remains silent as massive cyber hack poses 'grave risk' to government

 

"It's unclear when, if at all, Trump may have been briefed on the latest hack, nor is it clear how engaged Trump has been in responding. He has left all public responses to members of his Cabinet and administration. And despite a healthy pace of tweets about the election results and his false claims of voter fraud, he has not issued any message about the hack.

[nausea]

One thing I noticed about Russians is that a lot of them are highly educated. Go to your strengths. The US dumb down culture may yet be their undoing. Im not even thinking of China and India. 

[simple1]

11 minutes ago, nausea said:

One thing I noticed about Russians is that a lot of them are highly educated. Go to your strengths. The US dumb down culture may yet be their undoing. Im not even thinking of China and India. 

 

I worked it the IT industry for a number of years. US R&D and IP is outstanding, I do believe your critique is unfair. We don't know the level of penetration by US and other Western security agencies into Russian and other hostile countries infrastructure and agencies, but I suggest, if circumstances warranted, they would achieve their objectives.

[nausea]

9 minutes ago, simple1 said:

 

I worked it the IT industry for a number of years. US R&D and IP is outstanding, I do believe your critique is unfair. We don't know the level of penetration by US and other Western security agencies into Russian and other hostile countries infrastructure and agencies, but I suggest, if circumstances warranted, they would achieve their objectives.

Fair enough, I'm a layman. 

[dexterm]

The Russians have been penetrating US security since March undetected. That's the cyber equivalent of a Russian bomber flying freely above US skies.
Trump's response...zero.

US records more covid deaths in a single day than the 911 terrorist attack.
Trump's response...zilch.

 

He's too busy peddling fake conspiracy theories about election fraud to help him fight for a job that he is clearly not doing.

 

Good riddance,Trump..the worst president in US history!

[ChouDoufu]

seems.....convenient.

 

evil mastermind putin goes on a massive hacking spree just as a new administration is preparing to be installed in washington, just in time to poison the prospects for improved relations.

 

and.....conveniently....employs a software provider associated with dominion voting machines, effectively breathing new life into the ever-debunked claims of massive hugo chavezian vote-rigging.

 

 

[Jack Mountain]

O  o o o What do I feel pity with the US. LOL

[ThaiFelix]

15 hours ago, webfact said:

tentatively attributed to the Russian government

Amazing article.  The Russians are blamed in the headline and yet there is no evidence and they only get mentioned using 5 words in a two page article??  

[Traubert]

29 minutes ago, ThaiFelix said:

Amazing article.  The Russians are blamed in the headline and yet there is no evidence and they only get mentioned using 5 words in a two page article??  

Its not much of an article. They are keeping China up their sleeves until the Xinjiang story runs out of puff.

[GrandPapillon]

the hack has been going for years, possibly decades

 

even the Pentagon is compromised,

[Tug]

14 hours ago, dexterm said:

The Russians have been penetrating US security since March undetected. That's the cyber equivalent of a Russian bomber flying freely above US skies.
Trump's response...zero.

US records more covid deaths in a single day than the 911 terrorist attack.
Trump's response...zilch.

 

He's too busy peddling fake conspiracy theories about election fraud to help him fight for a job that he is clearly not doing.

 

Good riddance,Trump..the worst president in US history!

Sir you are far to kind!still no statement from trump on this grevious threat to our national security guess he’s to busy grifting the ...........his..........errr......(base).......

[Jeffr2]

9 hours ago, ThaiFelix said:

Amazing article.  The Russians are blamed in the headline and yet there is no evidence and they only get mentioned using 5 words in a two page article??  

From other articles, it's been said this hack has the same characteristics of other Russian hacks.  Seems they are quite sure it was Russia.  Just not publicly announcing it yet.  Probably because Trump's busy out playing golf.

 

https://www.nytimes.com/2020/12/17/us/politics/russia-cyber-hack-trump.html?action=click&module=Well&pgtype=Homepage&section=Technology

Quote

Officials have yet to publicly name the attacker responsible, but intelligence agencies have told Congress that they believe it was carried out by the S.V.R., an elite Russian intelligence agency. A Microsoft “heat map” of infections shows that the vast majority — 80 percent — are in the United States, while Russia shows no infections at all.

 

[stevenl]

Trump is pointing at china while pompeo is accusing russia. At the same time Trump is also saying the voting machines may have been hacked by china.

 

https://m.dw.com/en/trump-downplays-massive-us-cyberattack-points-to-china/a-55996519?maca=en-rss-en-world-4025-rdf

[candide]

5 minutes ago, stevenl said:

Trump is pointing at china while pompeo is accusing russia. At the same time Trump is also saying the voting machines may have been hacked by china.

 

https://m.dw.com/en/trump-downplays-massive-us-cyberattack-points-to-china/a-55996519?maca=en-rss-en-world-4025-rdf

Lol! Every time Russia is accused orsuspevted, Trump tries to divert attention to another country: Ukraine, China, etc...

[GrandPapillon]

36 minutes ago, stevenl said:

Trump is pointing at china while pompeo is accusing russia. At the same time Trump is also saying the voting machines may have been hacked by china.

 

https://m.dw.com/en/trump-downplays-massive-us-cyberattack-points-to-china/a-55996519?maca=en-rss-en-world-4025-rdf

I mean why not, everything is possible in the cyberworld

[stevenl]

22 minutes ago, GrandPapillon said:

I mean why not, everything is possible in the cyberworld

All US intelligence agencies are pointing at russia, seems the signature was pretty clear.

There was no hacking in the elections.

 

Just the usual Trump falsehoods, again swallowed by his followers.

[GrandPapillon]

1 minute ago, stevenl said:

All US intelligence agencies are pointing at russia, seems the signature was pretty clear.

There was no hacking in the elections.

 

Just the usual Trump falsehoods, again swallowed by his followers.

US intelligence have been wrong before, ie. Iraq WMD ????

[candide]

37 minutes ago, GrandPapillon said:

US intelligence have been wrong before, ie. Iraq WMD ????

It has been wrong on order! Dick Cheney has been initially quite angry at the CIA because they failed to provide him with the intelligence he expected. Eventually, the CIA complied.

[simple1]

trump has downplayed / deflected Russian involvement with the latest round of hacking, again contrary to advise from US intelligence and SecDef. It will be interesting to understand what motivates trump to contradict his own people - wonder if the facts will ever reach the light of day...

 

https://www.msnbc.com/weekends-with-alex-witt/watch/trump-tweet-downplays-russia-hack-implicates-china-98074181766

[Sujo]

3 hours ago, GrandPapillon said:

US intelligence have been wrong before, ie. Iraq WMD ????

Has trump ever been right?

 

On what basis do you think trump is correct ans intelligence agencies are wrong. Did putin tell him?

[Jeffr2]

3 hours ago, GrandPapillon said:

US intelligence have been wrong before, ie. Iraq WMD ????

But they are not wrong this time.  Admit it.

[Chomper Higgot]

On 12/18/2020 at 7:26 AM, Chomper Higgot said:

Silence from the WH.

 

But then what should we expect from Trump who stood before the world’s press and openly backed Putin over the US intelligence and security services.

 

Don’t be at all surprised that if he does address this he backs Russia.

Well I called that right didn’t I:

 

https://www.forbes.com/sites/tommybeer/2020/12/19/trump-still-wont-criticize-russia-claims-massive-cyber-hack-may-be-china-but-offers-no-evidence/?sh=11b915d2708a

 

Now fir for my next call:

 

Silence from Trump’s supporters and if they do have anything to say they’ll blame China.

[Chomper Higgot]

4 hours ago, GrandPapillon said:

US intelligence have been wrong before, ie. Iraq WMD ????

The mistake the CIA made was following orders to overstate evidence to match the objectives of the Bush administration plan to invade Iraq.

[Phoenix Rising]

trump still protecting the boss in Moscow:

 

Trump downplays massive cyber hack on government after Pompeo links attack to Russia