Tag Archive for: hack

What the SolarWinds Hack Tells Us About IoT and Supply-Chain Security | 2021-03-15


No matter the industry, cybersecurity breaches seem to be escalating in size and scale. 

The sprawling hacking campaign launched by Russia three months ago — which impacted as many as 18,000 customers of the Texas-based software maker SolarWinds Corp. — is an egregious example of the far reach of a potential supply-chain attack.

The term “supply-chain risk” is a large umbrella that covers lots of security threats and vulnerabilities. In the SolarWinds case, the threat actors, believed to be working on behalf of a foreign government, trojanized the software updates to a popular tool, SolarWinds Orion. The attack left potential backdoor access points to hundreds of companies and nine federal agencies. And that’s only what we know — we will likely be uncovering the effects of this breach for years to come.

Other supply-chain risks may manifest as security flaws baked into electronic devices. Manufacturers of smartphones, printers, routers, internet-of-things devices and critical infrastructure systems buy components from third parties. These components are shipped with embedded firmware that may have existing security flaws. What’s more, some of that firmware wasn’t written by the manufacturer, but comes from open-source code maintained by volunteers in the I.T. community.

Here’s what the broader supply-chain industry needs to know about cyberattacks.

Veiled Software

There’s a growing movement of purchasers that are demanding comprehensive lists of the software within a device, but for now, it’s rare for manufacturers to provide them. That list, known as a software bill of materials (SBOM), is key to supply-chain security, but it’s important to note that it’s not a cure-all. For example, an SBOM would not have caught the SolarWinds backdoor. What was needed was for a security team member to analyze the final software files themselves, before they were released to customers.

A Back Seat

Software developers and device manufacturers have shifted to rapid development processes. On the software side, this agile development framework pushes numerous and rapid updates, sometimes to add new features, occasionally to fix security flaws. There’s a similar push…


Latest Microsoft Hack Opens Door For New OZ Attacks – channelnews


Australian businesses that use Office 365 or Microsoft’s Exchange email service are facing new security threats as hackers and ransomware groups take advantage of a major hack on Microsoft servers, which has resulted in a free-for-all as hackers hunt down unpatched email servers to attack.

Around the world, Microsoft servers have been exposed, with one problem being ransomware groups that are using the flaw to install malicious programs.

Once these programs are installed, the perpetrators lock away a user’s data behind strong encryption, making the computer system unusable.

The group then demands payment to unlock it – and if demands are not met, will steal or delete the data.

Initially, the flaw was being exploited by a hacking group to gain remote access to email servers, from which it could steal sensitive data.

But after Microsoft warned the world it had identified the problem and urged all its users to download new security updates, other hacking groups quickly became familiar with the flaw.

The UK National Cyber Security Centre said it estimated 7,000 servers had been affected by the flaw and only half had been secured.

The agency said it was “vital” that all affected businesses took action to secure their email servers.

The announcement reveals the scale of the problem among companies for the first time since the global security flaw emerged last week, the BBC claimed.

The NCSC is particularly concerned about small and medium-sized businesses that may not have heard about the issue.

“We are working closely with industry and international partners to understand the scale and impact of the exposure, but it is vital that all organisations take immediate steps to protect their networks,” NCSC’s director for operations Paul Chichester warned.

“While this work is ongoing, the most important action is to install the latest Microsoft updates.”


UK companies urged to update security after Microsoft hack


The Daily Beast

How Joe Biden—in Less Than Two Months—Turned Ronald Reagan’s Decades-Old Conventional Wisdom on Its Head

“The nine most terrifying words in the English language are: ‘I’m from the government, and I’m here to help.’” With that famous line, uttered by Ronald Reagan on Aug. 12, 1986, during his second term as president, the GOP mantra for decades to come was born.

In fact, this philosophy later even found a home in the Democratic Party. President Bill Clinton in his 1996 State of the Union address declared that, “The era of big government is over,” explaining that, “We have worked to give the American people a smaller, less bureaucratic government in Washington.” And during an October 2000 presidential debate between Al Gore and George W. Bush, pundits at the time noted that the two seemed to be competing for the title of “the candidate of smaller government.” Gore even bragged that his “reinventing government” campaign as vice president under Clinton had reduced the government to its smallest level in terms of jobs since 1960.

Those days are, thankfully, gone—at least for now. Even a good chunk of Republicans recognize that during this pandemic, the federal government offering to help is not “terrifying.” Rather, it can be a life-saver both in terms of health and finances.

In fact, moments after President Biden finished his national address Thursday marking one year since the virus was declared a pandemic, Trump-lovers Sean Hannity, Mike Huckabee, and others were whining that Biden did not thank Trump for launching “Operation Warp Speed” – the $18 billion federal government program designed to “accelerate the testing, supply, development, and distribution of safe and effective vaccine.” Even these staunch conservatives were implicitly admitting that this federal government program was effective at helping Americans.

Another body blow to Reagan’s philosophy that the government is inherently bad can be seen in the remarkable level of support for the massive COVID relief packages.
Last March, when the $2.2 trillion CARES Act—the first relief bill—was…


Microsoft Investigates Whether Leak Led to Exchange Hack: Report


Hackers may have gotten their hands on inside intel that Microsoft shared with its security partners to exploit vulnerabilities in the company’s widely used email and calendaring software Exchange, according to a Friday Wall Street Journal report.

Several different hacker groups have descended on Exchange in a series of branching cyber attacks that compromised at least 30,000 U.S. organizations. State-sponsored hackers from China reportedly exploited several zero-day vulnerabilities in Microsoft’s software, which other cyberattackers later took advantage of, to gain entry into Exchange servers and plant malicious code in order to steal large troves of email data from American businesses and local governments.

The first wave of attacks began in January and picked up steam in the week before Microsoft planned to roll out a software fix to customers, the Journal reports. Tools used in the second wave, which is believed to have begun on Feb. 28, bore several similarities to “proof of concept” attack code that Microsoft distributed to antivirus companies and other security partners just a few days earlier, people familiar with the investigation told the outlet. While Microsoft initially planned to push out a software fix on March 9, it ended up releasing the patch early, on March 2, in response to the second wave of attacks.

Microsoft uses an information-sharing network, Microsoft Active Protections Program or MAPP, to push out alerts about its product to its security partners so they can identify emerging threats. MAPP includes 80 security companies worldwide, including about 10 based in China. A subset of these organizations received the proof-of-concept code that could be used to attack Microsoft’s systems in a notification that contained technical details regarding unpatched flaws in Exchange, per the Journal. A Microsoft spokesperson declined the Journal’s request for comment on whether any Chinese companies were included in this subset.

The spokesperson went on to say that Microsoft has seen “no indications” of a leak from inside the company, but if its internal investigation finds that any MAPP…
