Cyber Attacks On US Government - New Evidence

The wide ranging and successful cyber attacks on US government agencies and numerous private companies, including Microsoft, widely believed to have been undertaken by state-sponsored Russian hackers which was  first reported in December 2020, may in fact have begun much earlier. 

US investigators originally thought that the attacks on government agencies and private industry targets began in March or April 2020, including breaches of Treasury, State, Commerce and Energy Departments. The Treasury and Commerce departments were both confirmed as having been affected and others may have been breached. 

The hack, which may still be ongoing, appears to have begun as long ago as October 2019, when hackers first breached the Texas software company SolarWinds, which provides technology monitoring services to government agencies and 425 of the Fortune 500 companies. The hacking campaign entered US government and private systems by surreptitiously tampering  with and inserting malware into  updates released by SolarWinds. 

The attacks work by hiding malicious code in the body of legitimate software updates that are provided to the hacking targets by third parties. That malicious code gave the highly professional hackers remote access to an organization’s networks so they could steal information. State-backed Russian hackers were identified as the suspects, although Russia has firmly denied any involvement.

Microsoft said that the hackers were unable to get into emails or its products and services and that they were not able to modify the company's vital  source code which they were able to view, Microsoft did not say how long hackers were inside its networks and initially denied that it was breached in the attack.

Hackers gained entry into networks by getting more than 18,000 private and government users to download a tainted software update. Once inside, they were able to monitor internal emails at some of the top agencies in the US. “We still don’t have for the private sector, or for that matter the public sector, any mandatory reporting” on major hacking incidents, said senator Mark  Warner, Vice-Chair of the Senate Intelligence Committee  said. “The amount of time it’s taking to assess the (latest) attack, it is taking longer than we would like to take,” he added. Warner also said the lack of US laws and policy to counter such major hacks is the product of a “lack of policy" that precedes the Trump administration. 

The massive data breach, revealed in the final weeks of Trump's administration is a dramatic finale for the Trump Presidency which has been accused of excessive deference to Russia and unsuccessful attempts to warm relations with President, Vladimir Putin. "There has been obviously a reluctance out of this White House to call out Russia repeatedly.... I don’t believe that is a problem of the intelligence community. I think that is a problem of the White House" Senator Warner told reporters.

This large scale and sophisticated operation is perhaps the biggest known cyber attack against against US federal government networks in years. 

New York Times:      CNN:      Yahoo:        Guardian:          Reuters:

You Might Also Read:

Is This The Hack Of The Decade?:

 

« Cyber Security In 2021 - Predictions & Trends
Six Big Features Of Cyber Security In 2021 »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

APMG International (APM Group)

APMG International (APM Group)

APM Group is a global accreditation, certification and examination body specializing in certification schemes for individuals, organizations and software.

CyberPilot

CyberPilot

CyberPilot ApS is a Danish cybersecurity company. We work with all types of companies and organisations, both large and small, who want to achieve effective cybersecurity.

ComCERT

ComCERT

ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

Cyber Intelligence (CI)

Cyber Intelligence (CI)

Cyber Intelligence is an award winning 'MSC status' cyber security education and training company.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

Cyscale

Cyscale

Cyscale automates the contextual analysis of cloud misconfigurations, vulnerabilities, access, and data, to provide an accurate and actionable assessment of risk.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

CyberLab

CyberLab

CyberLab (formerly Chess) is a specialist cyber security company that provides a wide range of security solutions and services.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

RecoLabs (Reco)

RecoLabs (Reco)

Reco empowers organizations to discover their SaaS applications, identities, and data, control access and prevent the risk of exposure.

8com

8com

8com is an established Managed Security Service Provider (MSSP) with over 75 employees and customers in over 40 countries.

QuantumCTek

QuantumCTek

QuantumCTek is a Chinese pioneer and leader in commercialized quantum information technology (QIT).

BTQ Technologies

BTQ Technologies

BTQ is a global quantum technology company focused on securing mission critical networks.

Hughes Network Systems

Hughes Network Systems

Hughes are industry leaders in networking technologies and services, innovating constantly to deliver the global solutions that power a connected future for people, enterprises and things everywhere.

Syteca

Syteca

Syteca is specifically designed to secure organizations against threats caused by insiders. It provides full visibility and control over internal risks.

Parried

Parried

Parried is a leading Managed IT Services and Cybersecurity provider, known for blending deep technical knowledge with business strategy.