Dozens burned by a single hack



BOSTON (AP) – The SolarWinds hacking campaign linked to Russian spies, and the accusation that it poses a “terrible threat” to U.S. national security, are widely known. A very different, and no less alarming, coordinated series of intrusions in December has received significantly less public attention.

Skilled criminal hackers believed to be operating in Eastern Europe hacked dozens of companies and government agencies on at least four continents by breaking into a single product they all used.

The victims include New Zealand’s central bank, Harvard Business School, Australia’s securities regulator, high-ranking US law firm Jones Day – whose clients include former president Donald Trump – rail freight company CSX and the Kroger supermarket and pharmacy chain. The Washington state auditor’s office was also hit; there, the personal data of 1.3 million people, gathered to investigate unemployment fraud, was potentially exposed.

The two-stage mega-hack, in December and January, of a popular file-transfer program from the Silicon Valley company Accellion exposed a threat that security experts fear could get out of hand: intrusions by top-flight criminals and state-backed hackers into software supply chains and third-party services.

Operating system companies like Microsoft have long been in the spotlight: thousands of installations of its Exchange email server have been breached globally in the past few weeks, mostly when the company issued a patch and revealed that Chinese state hackers had entered the program.

Accellion’s casualties have piled up, meanwhile, with many being extorted by a Russian-speaking cybercrime gang, which researchers believe may have purchased stolen data from the hackers. Their threat: Pay or we leak your sensitive data online, whether it’s documents owned by Canadian aircraft manufacturer Bombardier or lawyer-client communications from Jones Day.

Scan is a digital age core mission in which both governments and the private sector are coming to a halt in the short term as hackers get a painful relief from the hackers easily identified by hackers through online scans.

“Attackers are finding it harder and harder to gain access through traditional methods, as vendors such as Microsoft and Apple have significantly tightened the security of the operating systems over the years. So, attackers have found easier ways. This means always. The supply chain is about to go through. And as we have seen, it works,” said Mikko Hypponen, chief research officer at cybersecurity firm F-Secure.

Members of Congress are already fearful over the supply chain hack of Texas network management software company SolarWinds, which allowed suspected Russian state-backed hackers to move without attracting anyone’s attention – apparently intent only on intelligence gathering – through the networks of at least nine agencies and more than 100 companies and think tanks for more than half a year. Only in December was the SolarWinds hacking campaign discovered by cybersecurity firm FireEye.

France suffered a similar hack, which its cybersecurity agency blamed on Russian military operatives and which also exploited the supply chain. They slipped malware into an update to the network management software of a firm called Centreon, letting them quietly root around networks from 2017 to 2020.

Both of those hacks slipped malware into software updates. The Accellion hack differed in one key respect: its file-transfer program resided on the victim’s network as a stand-alone device or cloud-based application. Its job is to securely move files too large to be attached to email.

Mike Hamilton, Seattle’s former chief information security officer, now at CI Security, said the trend of exploiting third-party service providers shows no sign of slowing down, as it gives criminals the highest return on their investment if they want to “compromise with broader health” companies or government agencies.

The impact of the Accellion breach could have been lessened if the company had warned customers more quickly, some complain.

The governor of New Zealand’s central bank, Adrian Orr, says Accellion failed to warn it after first learning in mid-December that the 20-year-old FTA application – using antiquated technology and being prepared for retirement – had been breached.

Although a patch was available on December 20, Accellion did not notify the bank in time to prevent its device from being breached five days later, the bank said.

“If we had been notified in a timely manner, we would have been able to support the system and prevent breaches,” the bank said in a statement posted on its website. The stolen information included personal emails, dates of birth and files with credit information, the bank said.

Similarly, the Washington state auditor’s office has no record of being told of the breach until Jan. 12, the same day Accellion announced it publicly, spokeswoman Kathleen Cooper said. Accellion said then that it had released the patch to fewer than 50 affected customers within 72 hours of learning of the breach.

Accellion now tells a different story. It says it warned all 320 potentially affected customers with multiple emails starting December 22 – and followed up with emails and phone calls. Company spokesman Rob Dougherty would not directly address the complaints of the New Zealand central bank and the Washington state auditor. Accellion says fewer than 25 customers appear to have been victims of significant data theft.

A timeline published on March 1 by cybersecurity firm Mandiant, which Accellion hired to investigate the incident, says the company received first word of the breach on December 16. The Washington state auditor says it was hacked on Christmas Day.

The timing of notification is a serious matter. The auditor’s office has already been the target of lawsuits in the state of Washington, and many have called for class action against Accellion. Other organizations may also face legal or other consequences.

Last month, Harvard Business School officials emailed the affected students to tell them that some Social Security numbers, as well as other personal information, had been compromised. Another victim, Singapore-based telecommunications company Singtel, said the personal data of about 129,000 customers was compromised.

Often, software companies with hundreds of programmers have only one or two security people, said Katie Moussouris, CEO of Luta Security.

“We want to say that organizations have the same investment in security. But we are really just seeing them dealing with breaches and then pledging to do better in the future. And that has been the business model for Dell.”

The attacks had “nothing to do with staffing,” said Dougherty, the Accellion spokesman, but he would not say how many people at the company were assigned to security in mid-December.

Cybersecurity threat analysts hope that the snowballing of supply-chain hacks will make security a top priority for the software industry. Otherwise, vendors risk the fate of SolarWinds.

In a filing last week with the Securities and Exchange Commission, the company released a vague estimate.

It said supply chain hacks “continue to evolve rapidly” and that it may be “unable to identify current attacks, anticipate future attacks or implement adequate security measures.”

The document added a final, painful upshot:

“Customers have a purchase and may choose to postpone it in the future or renew or cancel their agreements or subscriptions with us.”

—-

Associated Press writer Rachel La Corte in Olympia, Washington, contributed to this report.
