A small number of UK organizations are known to have been affected by an alleged Russian hacking campaign that has also penetrated top-secret US government agencies.
No public sector body is yet known to be among the victims in the UK, according to a security source.
But British officials are investigating whether there have been any additional impacts against government departments and businesses after cybersecurity experts in the United States discovered the massive hacking campaign last week.
Paul Chichester, director of operations for the UK’s National Center for Cyber Security (NCSC), which is part of the spy agency GCHQ, urged companies to take “immediate action” to protect their networks.
“This is a complex global cyber incident, and we are working with international partners to fully understand its scale and any impact on the UK,” he said in a statement.
“The NCSC is working to mitigate any potential risks, and practical guidance has been posted on our website.”
The comments came as officials in the US, UK and around the world struggled to understand the enormity of the attack, which appears to be unprecedented in terms of its penetration into the US security apparatus.
“This could be the most shocking national security breach, a cyber breach, that we have ever seen,” said John Hultquist, senior director of analytics at Mandiant Threat Intelligence.
Mandiant is part of cybersecurity company FireEye, which was the first to discover the breach when it found that its own systems had been compromised.
After FireEye raised the alarm, it emerged that various departments of the US government, including the departments of defense, state, treasury and even the nuclear agency, had also been breached.
A spokeswoman has said that there is no threat to the US nuclear weapons arsenal.
“They clearly managed to get access to a lot of safe areas. It’s going to be very difficult to get out,” Hultquist told Sky News.
What appears to have been a highly sophisticated team of hackers used various ways to compromise the public and private sector computer networks.
One was through software called Orion created by technology firm SolarWinds.
Malicious code was inserted into an update of this software, used by thousands of customers. Once the update was installed, the hackers gained access to a large number of networks, including those of the US government and Microsoft.
But just updating the infected software does not mean that the system has been compromised.
With such a large list of potential targets, it appears that the hackers carefully selected the companies and government agencies they wanted to exploit.
They could do this by stealing secrets, exchanging important data, or just sitting on systems and spying. As it stands, the scale of the damage or possible theft is not yet known.
Ciaran Martin is the founder and former director of the NCSC and now works as a professor at the Blavatnik School of Government at the University of Oxford.
“It is one of the most significant cyber attacks that has ever been seen,” he told Sky News.
“But from what we know, at this point, it seems to be [for] traditional espionage, obtaining information from governments and companies, instead of altering data, destroying data, manipulating things, etc., but it remains to be seen what the final image tells us.”
US media reports have said that Russia’s foreign intelligence service, the SVR, is suspected of being behind the attack. But the US government has yet to issue any formal attribution.
Donald Trump, the outgoing president, has yet to make any public mention of the attack, although his successor, Joe Biden, has said that dealing with the breach will be a “top priority” for his administration from the moment he takes office.
The Kremlin has denied any involvement.
Mr. Hultquist said that whoever carried out the hack was a very sophisticated operator.
“They are among the most advanced that we have seen, if not the most,” he said.
“They are very adept at forensics to stay under the radar.”
This means that hackers were careful to hide their trail every time they penetrated a network, making it difficult, if not impossible, to know where they had gone and what they had seen.
“The proof [of their capability] is in the pudding,” Hultquist said.
“Just look at how many high-value targets they were able to silently compromise. It’s pretty much all the evidence you need on how capable they are.”