[ad_1]
The hackers broke into the computer networks of the United States Treasury, the Department of Commerce and the Department of Homeland Security.
The Petya virus attack is no longer the largest in history.
On December 14 it became known that the US authorities were subjected to a large-scale cyberattack through the software of the company SolarWinds.
SolarWinds software with embedded malicious code was received by 18,000 of the company’s customers.
Correspondent.net assessed the magnitude of the attack.
How it was organized
Cybercriminals managed to penetrate computer systems through developer Solar Winds’ software products widely used at the corporate level.
Approximately 18,000 Solar Winds customers have downloaded SolarWinds Orion Grid Management Systems. A week earlier, hackers hacked it and inserted a secret code into it. Thus, the attackers gained access to the data of all these companies and institutions.
Who was attacked
University of Surrey cybersecurity researcher Alan Woodward says it was probably the biggest cyber attack in history against Western governments.
The hackers gained access to data from the US Department of the Interior, Defense, Homeland Security and the US Department of the Treasury and Commerce.
Both the US Department of Energy and the National Nuclear Security Administration found evidence of a break-in.
Microsoft said it has identified more than 40 of its customers who were victims of this cyber attack. These include government agencies, political research institutions, non-governmental organizations, and IT companies.
About 80% of them are in the United States, the rest in Canada, Mexico, Belgium, Spain, Great Britain, Israel and the United Arab Emirates.
US federal agencies have been ordered to remove SolarWinds.
Who attacked?
The FBI has not officially announced who, in its opinion, is behind these attacks.
Sources at The Washington Post said the group Cozy Bear (also known as APT29), which is associated with the FSB, is behind the attack.
US Secretary of State Mike Pompeo also said that Russia was behind the new cyber attack on the US government.
Suffice it to say that significant efforts have been made to use third-party software to embed code in the systems of the US government and, as it seems now, in the systems of private companies, companies and governments around the world. It was a very significant effort, and I think we can say quite clearly that it was the Russians who participated in this activity, ”Pompeo said.
But Trump does not really trust his secretary of state, the president of the United States believes that the press is exaggerating the scale of the cyber attack and that China may be behind it.
“I am fully aware, everything is under control. Russia, Russia, Russia – (the first candidate) because the mainstream media, mainly for financial reasons, are afraid to discuss the possibility that it could be (could!) China, ”Trump wrote on Twitter.
A statement from the Russian embassy in the United States, published on Monday, December 21, said that Russia does not conduct offensive operations in cyberspace.
Will there be a reaction?
The Associated Press, citing anonymous sources, reported that White House officials planned to issue a statement on the afternoon of December 18, calling Russia the “protagonist” of a new cyberattack on the United States government, but in at the last minute they were instructed to cancel the publication of the document. For what reason and by whom the statement was stopped, the agency does not specify.
The next president of the United States will be able to respond to cyber attacks. According to future White House Chief of Staff Ron Klein, Joe Biden’s response to the recent spate of hacker attacks will go beyond sanctions.
Possible responses, according to informants, include financial measures and retaliatory hacker attacks on Russian infrastructures.
That said, Biden’s tough response to Moscow is expected to receive bipartisan support. The Kremlin continues to insist that it is not involved in these cyber attacks.
