Federal authorities voiced heightened alarm on Thursday (Friday NZT) about a long-undetected intrusion into computer systems in the United States and others around the world that officials suspect was carried out by Russian hackers. The nation’s cybersecurity agency has warned of a “serious” risk to government and private networks.
The hack compromised federal agencies and “critical infrastructure” in a sophisticated attack that was difficult to detect and will be difficult to undo, the Cybersecurity and Infrastructure Security Agency said in an unusual warning message. The Department of Energy acknowledged that it was among those who had been hacked.
The attack, if authorities can prove it was carried out by Russia as experts believe, creates a new foreign policy problem for US President Donald Trump in his final days in office.
Trump, whose administration has been criticized for removing a White House cybersecurity adviser and downplaying Russian interference in the 2016 presidential election, has made no public statements about the breach.
US President-elect Joe Biden, who will inherit the potentially difficult relationship between the US and Russia, spoke forcefully about the hack, stating that he and Vice President-elect Kamala Harris “will make dealing with this breach a priority from the moment we take office.”
“We need to disrupt and deter our adversaries from launching significant cyber attacks in the first place,” he said. “We will do so, among other things, by imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”
“There are a lot of things we don’t know yet, but what we do know is cause for great concern,” Biden said. He thanked the “public servants” of the administration who, he said, were “working around the clock to respond to this attack.”
CISA officials did not respond to questions, so it was unclear what the agency meant by a “serious threat” or “critical infrastructure” possibly targeted by the attack that the agency previously said appeared to have started last March. Homeland Security, the agency’s parent department, defines such infrastructure as any asset “vital” to the US or its economy, a broad category that could include power plants and financial institutions.
The agency previously said that the perpetrators had used network management software from Texas-based SolarWinds to infiltrate computer networks. Its new alert said the attackers could have used other methods as well.
Tech giant Microsoft, which helped respond to the breach, revealed late Thursday that it has been working to notify more than 40 organizations that were compromised using “additional and sophisticated measures” beyond the back door on SolarWinds systems. Microsoft said most of the compromised customers are in the United States, with victims also in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.
Over the weekend, amid reports that Treasury and Commerce departments were breached, CISA ordered all civilian agencies of the federal government to remove SolarWinds from their servers. Cybersecurity agencies in Great Britain and Ireland issued similar alerts.
A US official previously told The Associated Press that Russia-based hackers were suspected, but neither CISA nor the FBI has publicly said who is believed to be responsible. When asked if Russia was behind the attack, the official said: “We think so. We haven’t said it publicly yet because it’s not 100 percent confirmed.”
Another US official, who spoke on condition of anonymity to discuss a matter under investigation, said the attack was severe and extremely damaging, although the administration was not yet ready to publicly blame anyone for it.
“This appears to be the worst case of piracy in the history of the United States,” the official said. “They got into everything.”
At the Department of Energy, the initial investigation revealed that malware injected into its networks via a SolarWinds update has been found only on its commercial networks and has not impacted national security operations, including the agency that manages the country’s nuclear weapons arsenal, according to the department’s statement. The department said the vulnerable software was disconnected from the DOE network to reduce any risk.
The perpetrators’ intentions appear to be espionage and information gathering rather than destruction, according to security experts and former government officials. If so, they are now very well placed.
Thomas Bossert, a former Trump National Security adviser, said in an op-ed in The New York Times that the United States should now act as if the Russian government has gained control of the networks it has penetrated. “The actual and perceived control of so many important networks could easily be used to undermine public and consumer trust in data, written communications and services,” he wrote.
Members of Congress said they feared that taxpayers’ personal information could have been exposed because the IRS is part of the Treasury, which uses SolarWinds software. Experts involved in responding to the hack say the intruders are likely not interested in such data because they are intelligence agents who narrowly target sensitive national security data, and trying to steal taxpayer information is likely to set off alarms.
Tom Kellermann, head of cybersecurity strategy at software company VMware, said hackers are now “omniscient in the operations” of federal agencies they have infiltrated “and there is a viable concern that they may exploit destructive attacks within these agencies” now that they have been discovered.
Among the business sectors struggling to protect their systems and assess potential information theft are defense contractors, technology companies, and telecommunications and power grid providers.
A group led by CEOs from the electric power industry said it conducted an “awareness call” earlier this week to help utilities and energy utilities identify whether the compromise represented a threat to their networks.
And dozens of smaller institutions that appeared to have little data of interest to foreign spies were forced to respond to the hack.
The Helix Water District, which provides drinking water to suburban San Diego, California, said it applied a patch to its SolarWinds software after receiving a notice the IT company sent about the attack to some 33,000 customers on Sunday.
“While we use SolarWinds, we are not aware of any impacts to the district from the security breach,” said Michelle Curtis, spokeswoman for the water district.