[ad_1]
IT giant Microsoft said on Thursday that it had informed more than 40 users affected by the malware, according to computer security experts that they could provide uninterrupted access to key government agencies, as well as power grids and other infrastructure systems.
“Significant efforts have been made to use some of the third-party software to implement [žalinga] Pompeo said on WMAL’s radio show The Mark Levin Show.
“These efforts are very important and I think we can now say quite clearly that the Russians participated in this activity,” added the head of diplomacy.
About 80 percent. The affected users are in the United States, writes Microsoft President Brad Smith in a blog post. Consumers in Belgium, the United Kingdom, Canada, Israel, Mexico, Spain and the United Arab Emirates were also affected.
“It is clear that the number of victims and locations will continue to increase,” Smith said, reiterating statements made by US officials this week about the high threat posed by the attack.
“This is not ‘normal spying’, not even in the digital age. It is a reckless act that has created serious technology vulnerabilities for America and the world, “said a Microsoft blog post.
An unusual alert issued by the Cyber Security and Infrastructure Agency (CISA) on Thursday said the complex attack was difficult to detect and will make it even more difficult to repair the damage it caused. The Department of Energy has admitted to being one of the target institutions of the attack.
This attack, especially if experts manage to prove their connection to Russia, poses a new foreign policy problem for President Donald Trump in the final days of his term.
Trump, whose administration has been criticized for firing the White House cybersecurity adviser and downplaying Russia’s interference in the 2016 election, has yet to make public statements about the attack.
President-elect Joe Biden, who will inherit strained relations between the United States and Russia, has spoken out strongly about the attack, saying that he, along with Vice President-elect Kamala Harris, will “make responding to this attack a priority as soon as we take possession “.
“We need to thwart the efforts of our opponents and, above all, deter them from significant cyberattacks,” Biden said. “We will do so, among other things, by imposing a significant cost on those responsible for such malicious attacks, as well as coordinating with our allies and partners.”
AFP / “Scanpix” nuotr./Joe Bidenas
“We don’t know much yet, but what we do know is cause for great concern,” he added.
CISA previously reported that hackers hacked computer networks by exploiting security vulnerabilities at SolarWinds, a Texas-based company. A recent report from CISA says the attackers may have used other methods as well.
Last weekend, when the media reported an intrusion into the systems of the Treasury and Commerce departments, CISA ordered all federal government agencies to remove the SolarWinds programs from their servers. Cybersecurity agencies issued similar warnings in Britain and Ireland.
A US official previously told the AP news agency that hackers were suspected of operating in Russia in the attack, but neither CISA nor the Federal Bureau of Investigation (FBI) had made public what was considered suspicious.
“This appears to be the largest piracy case in US history,” officials said. – They [įsilaužėliai] penetrated everywhere. “
“Serious problem”
“We have a serious problem. We don’t know what networks they have [įsilaužėliai] did they enter, how deep did they penetrate, what access do they have, what kind [kenkėjiškų] measures, ”said Bruce Schneier, a leading computer security expert.
It is not yet clear what information the hackers were looking for, but experts say they may have been interested in nuclear secrets, drawings of modern weapons, research information on the development of vaccines against coronavirus infection, or data on key figures. government and business.
Many private and federal sector employees must now rely on the assumption that many non-confidential networks are accessible to spies. Agencies will be more inclined to handle important government affairs through Signal, WhatsApp, and other encrypted communication platforms.
“We have to prepare, this journey will be long,” said Dmitry Alperovitch, one of the founders of IT security company CrowStrike.
Cleaning is only the first phase, “he emphasized.
According to B. Schneier, the only way to guarantee the security of the network is to “burn it to the base and then restore it.”
Deputy White House spokesman Brian Morgenstern told reporters Friday that National Security Advisor Robert O’Brien had held several meetings a day in recent days with representatives from the FBI, the Department of Homeland Security and the community. intelligence to find ways to mitigate the attack.
Mr. O’Brien did not provide further details, but assured him that the matter was being dealt with by “the best and the brightest, working diligently every day.”
The Democrats, who head four House committees and received a confidential report from the Trump administration on the theft, complained in a joint statement that they had “raised” more questions than they had answered.
“Administration officials were reluctant to divide [informacija] on the full scope of the robbery and the identities of the victims, ”they wrote.
More attacks are possible
An initial investigation by the Department of Energy (DOE) found that their networks were infected with malware during the SolarWinds software update. However, only departmental networks related to businesses were affected, not activities related to national security, including the agency that manages the United States nuclear arsenal, according to the report. The department said vulnerable programs were disconnected from the DOE network to reduce risk.
According to security experts and former government officials, the attackers likely sought to spy and gather information rather than disrupt systems. If this is true, the organizers of the attack probably managed to accomplish this task.
Thomas Bossert, a former Trump adviser on national security, writes in an article in The New York Times that the United States should act now assuming the Russian government has gained control of the networks it has penetrated.
“Real or implicit control of such a large number of important networks can easily be used to undermine public and consumer trust in data, written communications and services,” he said.
Members of Congress said they feared taxpayers’ personal information could be stolen because the US Internal Revenue Service (IRS) reports to the Treasury Department, which SolarWinds used. However, experts involved in the campaign to respond to the theft said the intruders were unlikely to be interested in such data because they are intelligence agents focused on sensitive national security information and the attempt to steal taxpayer data. it could have been unnecessarily overlooked.
Tom Kellermann, head of cybersecurity strategy for IT company VMware, speculated that hackers now “know everything” about the work of federal agencies that have been attacked. According to him, “there is a legitimate concern that they could suffer devastating attacks against these agencies” when the fact of the robbery itself came to light.
Companies rushing to protect their systems and assess the extent of potential data theft include defense companies, technology companies, communications, and power grid operators.
An energy group said it held a meeting last week to help private power companies and energy authorities determine whether the recent attack threatens their grids.
Dozens of smaller institutions whose managed data seemed of little interest to foreign spies were also forced to respond.
For example, the Helix Water District water company, which supplies drinking water to suburban San Diego, said it was updating its SolarWinds software when it received an alert from an IT systems company on Sunday, sending about 33,000. consumers.
[ad_2]