Search This Blog

Showing posts with label SolarWind. Show all posts

Singapore Assessing WhatsApp Privacy Policy Change, Not 'Adversely Affected' In SolarWinds Breach

 

Currently, it is safe to say that Singapore’s government and non-government departments are safe from the adverse effects of SolarWinds security breach, nevertheless, the Singapore government has made requests to their organizations to protect their systems against potential threats. 

Additionally, the government has also exhibited deep concern regarding upcoming privacy policy changes on WhatsApp messenger, which is one of the platforms employed by the government to provide information to their citizens. The Minister for Communications and Information, S. Iswaran, said that when we got the news regarding the big data breach threat (SolarWinds security breach), our Cybersecurity Agency (CSA) has raised the national cyber threat alert level and immediately started working towards it. 

"There is no indication, thus far, that Singapore's CII and government systems have been adversely affected by the SolarWinds breach," said Iswaran, who was responding to questions raised in parliament. He added that, "The government is, nonetheless, adopting a cautious stance." 

Furthermore, he said that the “CSA had issued public advisories on steps enterprises should take to safeguard their systems against potential threats, including having full visibility of their networks and detecting unusual activity in a timely manner. The situation still was evolving as affected companies continued to investigate the breach’’. 

While advising on the matter, he suggested for the government to move towards a Zero Trust security posture, where organizations should not trust any activities until verification and there should be constant surveillance and alertness towards suspicious activities. Organizations should be establishing strong cyber-attack response plans to cope up with such incidents, as chronicled in the recent past. 

"The SolarWinds incident underscores the global and trans-border nature of cyber threats," the minister noted, “Though difficult to completely prevent, we need deliberate, targeted, and consistent efforts to strengthen our cyber defenses against [such] sophisticated threats, which exploit the supply chain of trusted vendors and software." 

Singapore Government's WhatsApp Channel Has 1.22M Subscribers

Ministry has also responded to the questions regarding WhatsApp's upcoming privacy policy changes, explaining that the government is concerned regarding this too as consumers have raised their voices on the matter. According to Iswaran, at present, there are 1.22 million users to Singapore's Gov.sg WhatsApp channel, which is one of the many platforms used to reach our local population, including Telegram, Twitter, as well as its own Gov.sg website.

Further, he ensured, "Private-sector organizations contracted by the government to perform data-related activities, including the processing and communication of personal data, are bound by contractual terms and conditions. These will determine whether organizations are permitted to share, for their own commercial purposes, the data that has been provided by, or collected on behalf of, the government”.

Russians Warned for US-led Cyberspace Threat Ensuing Solar Wind Orion

 

On Thursday evening, the Russian government released a security notice to Russian firms warning of possible US-led cyber-attacks following the SolarWinds incident. In retaliation for SolarWinds hacking which has breached networks of a variety of US federal agencies including the Defense Department and top-tech businesses, the Russian government has warned corporations around the world of an imminent cyberspace threat. 

At least 250 federal agencies and leading US businesses have suffered from Russian-backed hackers by filtering into the surveillance and control platform 'SolarWinds Orion.’ The response of the Russian government comes after earlier statements from the current Biden administration.

New officers from the White House said that they are reserved with the freedom to respond to cyberattacks, and they would want to do so in answer to the questions about their plans for SolarWinds. The secretary of the press said that “We’ve spoken about this previously… of course we reserve the right to respond at a time and manner of our choosing to any cyberattack.” 

The reaction from Moscow to this statement was given hours later by the Federal Security Service, an internal security and intelligence body in Russia, the National Coordinating Centre for Computer Accidents. It took the form of a protection newsletter. 

The brief statement included a list of 15 best practice safety measures that companies have to follow to remain safer online, and cited the statements of the Biden government which are considered as a threat. The best practice in the warning is to include factory safety guidance and few businesses and even the least qualified safety, as noted by the experts. 

In reaction to Biden's hostile declaration earlier in the day further security warnings were released. In the SolarWinds incident, Russia has declined its stance. Following the event of SolarWinds, the Biden administration has dedicated $9 billion to cyber defense. Recently, at least 24 large corporations, including tech giants including Intel, Cisco, VMware, and Nvidia have been hacked. 

In Orion applications sold by the IT management firm SolarWinds, the alleged Russian hackers built and collected the confidential data of a number of U.S. government departments and firms. The original report was that 18,000 government and private networks were hacked by Russian hackers.

SolarWinds Attack Update: Russian Hackers Breached 250 US Agencies and Top Companies

More than 250 US Federal Agencies and big companies have been attacked by alleged state-sponsored Russian hackers. The attackers gained access by hacking into 'SolarWinds Orion' management and monitoring software. The hack was much worse than what I expected, says US Senator Mark Warner according to New York Times report. The scale of the attack keeps increasing, it's evident that the US government failed to detect the attack. As per the report, companies like Amazon and Microsoft who offer cloud-based services, now investigate further to find evidence. 

The report suggests that Russian hackers compromised multiple supply chain layers to breach more than 250 networks and gain access. According to Microsoft, hackers exploited the SolarWinds software which allowed them to copy user accounts of the company, some of which were top-level individual accounts. Microsoft found unusual activity in a few company accounts and upon investigation, it found that hackers used one account to access source code in multiple source codes repositories. Besides this, Microsoft confirms that the account didn't allow hackers to change code or modify engineering systems. 

The further investigation cleared that no other unusual activities were found. During the investigation, these accounts were tested and then restored. Earlier assumptions suggested Russian actors breached more than 18000 public and private networks (including government agencies).  According to the reports, it suggests that few breached SolarWinds softwares were modified in Eastern Europe. Cybersecurity experts and federal officers currently investigate if the large scale attack operated from areas where Russian intelligence is deeply embedded. 

CISA (Cybersecurity and Infrastructure Security Agency) has alarmed US federal agencies to either shut down all the exploits SolarWinds applications or update the hacked SolarWinds Orion software. E-Hacking News earlier reported "currently, Microsoft hints to “a very sophisticated nation-state actor” as the attacker, cybersecurity experts, and the U.S government has alleged Russia for orchestrating the SolarWinds attack. The cyberattack also revealed a listing of susceptible companies. However, Microsoft didn't disclose how much the hackers were able to view the source code and what the hackers did with it. "

SolarWind Cyberattack: Microsoft Admits Hackers Could View Its Source Code

While Microsoft is investigating the major SolarWinds cyberattack, according to the company, it found that Microsoft's systems were hacked "beyond just the presence of malicious SolarWinds code." Microsoft believes that the Solorigate incident can be a chance to be together and work towards essential safety steps like sharing information, strengthening security, and countering cyberattacks. As per Microsoft, the attackers could see source codes in multiple source code repositories; however, the hacked account didn't give any permission to change any systems or code. 

Currently, Microsoft hints to “a very sophisticated nation-state actor” as the attacker, cybersecurity experts, and the U.S government has alleged Russia for orchestrating the SolarWinds attack. The cyberattack also revealed a listing of susceptible companies. Besides this, today's announcement of Microsoft shows that experts may find the further impact of the cyberattack in the coming weeks and months. As of now, Microsoft said that meanwhile the hackers managed to intercept deeper than before, the company didn't find any evidence which may suggest "access to production services or customer data,” or "no indications that our systems were used to attack others." 

Besides this, the company said that it holds a common assumption that hackers may be able to intercept its source code and that Microsoft doesn't depend merely on the privacy of source codes to safeguard its products. However, Microsoft didn't disclose how much the hackers were able to view the source code and what the hackers did with it.  In December, Dan Smith, Microsoft President warned that the cyber attack is a "moment of reckoning" and alarmed about its threat. He termed it as unusual espionage, not attacking any particular targets, but disrupting critical infrastructure trust and reliability to progress a country's intelligence organization.  

"The list of vulnerable companies is much smaller than SolarWinds’ overall client list, so simply appearing on the list doesn’t mean a company has been affected. SolarWinds claims that only 33,000 companies use the Orion product, compared to its total client base of 330,000," reports Verge. "As with many companies, we plan our security with an “assume breach” philosophy and layer in defense-in-depth protections and controls to stop attackers sooner when they do gain access," says Microsoft blog.