Search This Blog

Showing posts with label Putin. Show all posts

US Cyberattack: More than 50 Companies Suffer A Massive Breach

FireEye, the cybersecurity firm responsible for finding out about the massive hacking campaign against the US government says that 50 organizations have suffered major breaches from the attack. According to BBC, "Several other organizations around the world, including in the UK, are understood to have been targeted by hackers using the same network management software." FireEye CEO, Kevin Mandia said a total of 18,000 organizations had suffered an attack, out of which 50 have suffered a major data breach. 

Among the targets include DHS(Department of Homeland Security), The US Treasury, and state and defenses.  Mike Pompeo, US Secretary of State, says Russia is responsible for the attack. Whereas former US President Donald Trump suspects China behind the cyberattacks. Trump took to Twitter last Saturday and said that he believes China is responsible for the attack against the US. According to FireEye, the hacking breach is very serious and consistent. The US officials believe that the attack is the work of SVR, a Russian foreign intelligence agency. 

According to Mr. Mandia, these might be the same hackers that the US encountered in the 90s and the early 2000s. It all started when the hackers breached SolarWinds Orion, a Texas-based firm. In the SolarWinds supply chain hack, a "big" telecommunications company, various government organizations, and a fortune 500 company have been the targets of the breaches. The news comes a day after Microsoft agreed that it had informed its 40 customers of a breach in its Defender antivirus software. Mr. Pompeo has a firm belief that Russia is engaged with this activity. He alleges Russia for undermining the US government and says Russian President Putin is the real risk. 

"Hackers managed to gain access to major organizations by compromising network management software developed by the Texas-based IT company SolarWinds," reports BBC news. The access could have allowed the hackers to take a high degree of control over the networks of organizations using that software, but appears to have been used to steal data rather than for any disruptive or destructive impact, it further says.

Massive Cyberattack On US Government Exposes Shortcomings, Russia Named Top Suspect

Not long ago, US agencies had confirmed a massive data breach that compromised their networks. The problem persists, and US federals are still grappling to comprehend the extent of the breach. The data breach is linked to a large-scale hacking campaign that the experts have associated with Russia's operations. "The broad Russian espionage attack on the US government and private companies, underway since spring and detected only a few weeks ago, is among the most significant intelligence failures of modern times," reports The New York Times

As of now, various firms are investigating the issue, and a cybersecurity agency Fireye on Wednesday revealed that the malware has a "killswitch" that allows the software to shutdown. However, even if the malware is deactivated, the infected systems can remain susceptible to hackers' attacks. Besides this, currently, US federal agencies are under a lot of pressure to take strict action against Russia. In reality, the officials are still trying to address the exploited vulnerabilities and officially find the threat actor. 

The attack has exposed the vulnerabilities and shortcomings of the US cyber defenses. The news appears at a delicate time when the Biden administration has just taken over the office. President Joe Biden's administration is currently meeting with various agencies to look for options for dealing with this alarming threat. The Biden staff came to know about the massive intrusion on Monday, says DHS and Infrastructure Security Agency. US cybersecurity experts and officials say that the incident should be a warning to both the US government and private sector organizations because foreign actors will keep charging more damage in the future. 

"House and Senate Intelligence Committee aides received a phone briefing on the hack from administration officials on Wednesday, but the full extent of the breach remains unclear, according to sources familiar with the briefing. The Biden transition team was also briefed on the attack this week, an official from the Department of Homeland Security's cyber arm told CNN. The official declined to provide additional details about what was discussed," reports CNN.