Tag Archive for: hack

How A Cybersecurity Firm Uncovered The Massive Computer Hack : NPR


Kevin Mandia, CEO of the cybersecurity firm FireEye, testifies before the Senate Intelligence Committee in 2017. Mandia’s company was the first to sound the alarm about the massive hack of government agencies and private companies on Dec. 8.

Susan Walsh/AP



The first word that hackers had carried out a highly sophisticated intrusion into U.S. computer networks came on Dec. 8, when the cybersecurity firm FireEye announced it had been breached and some of its most valuable tools had been stolen.

“We escalated very quickly from the moment I got the first briefing that, ‘Hey, we have a security incident of some magnitude,’ ” FireEye CEO Kevin Mandia told All Things Considered co-host Mary Louise Kelly. “My gut was telling me it was something we needed to put people on right away.”

Mandia was right. Within days, the scope of the hack began to emerge.

Multiple U.S. agencies were successfully targeted, including the departments of State, Treasury, Commerce, Energy and Homeland Security as well as the National Institutes of Health.

The hackers attached their malware to a software update from Austin, Texas-based company SolarWinds, which makes software used by many federal agencies and thousands of private companies to monitor their computer networks.

The SVR, Russia’s foreign intelligence agency, is considered the most likely culprit, according to Secretary of State Mike Pompeo and some members of Congress who have been briefed by…

Source…

Solarwinds hack victims: From tech companies to a hospital and university


The suspected Russian hackers behind breaches at U.S. government agencies also gained access to major U.S. technology and accounting companies, at least one hospital and a university, a Wall Street Journal analysis of internet records found.

The Journal identified infected computers at two dozen organizations that installed tainted network monitoring software called SolarWinds Orion that allowed the hackers in via a covertly inserted backdoor. It gave them potential access to scores of sensitive corporate and personal data.


Among them: technology giant Cisco Systems Inc., chip makers Intel Corp. and Nvidia Corp., accounting firm Deloitte LLP, cloud-computing software maker VMware Inc. and Belkin International Inc., which sells home and office Wi-Fi routers and networking gear under the Linksys and Belkin brands. The attackers also had access to the California Department of State Hospitals and Kent State University.

The victims offer a small window into the sweeping scope of the hack, which could have ensnared as many as 18,000 of Austin-based SolarWinds Corp.’s customers, the company said, after hackers laced a routine software update with malicious code.

SolarWinds said that it traced activity from the hackers back to at least October 2019 and that it is now working with security companies, law enforcement and intelligence agencies to investigate the attack.

Cisco confirmed in a statement that it found the malicious software on some employee systems and a small number of laboratory systems. The company is still investigating. “At this time, there is no known impact to Cisco offers or products,” a company spokesman said.


Intel downloaded and ran the malicious software, the Journal’s analysis found. The company is investigating the incident and has found no evidence the hackers used the backdoor to access the company’s network, a spokesman said.

Deloitte, infected in late June according to the Journal’s analysis,…

Source…

Here Are 24 Reported Victims Of The SolarWinds Hack (So Far)




Cisco

Internal machines used by Cisco researchers were targeted via SolarWinds as the impact of the colossal hacking campaign on the tech sector became apparent, Bloomberg reported Friday. Roughly two dozen computers in a Cisco lab were compromised through malicious updates to SolarWinds’ Orion network monitoring platform, according to Bloomberg, citing a person familiar with the incident.

The San Jose, Calif.-based networking giant told CRN its security team moved quickly to address the issue, and that there isn’t currently any known impact to Cisco offers or products. Cisco told CRN there’s no evidence at this time to indicate customer data has been exposed as a result of the compromise.

“While Cisco does not use SolarWinds Orion for its enterprise network management or monitoring, we have identified and mitigated affected software in a small number of lab environments and a limited number of employee endpoints,” Cisco said in a statement. “We continue to investigate all aspects of this evolving situation with the highest priority.”

Source…

Should the U.S. Retaliate for Russia’s Big Hack?


The Russian hack of SolarWinds—which affected at least 18,000 of the firm’s customers, including several federal agencies—has revived a long, unsettled debate in national security circles: When Americans are hit with a massive cyberattack, should the U.S. government strike back?



© Provided by Slate
Russian President Vladimir Putin in the town of Sarov outside Nizhny Novgorod on Nov. 26. Alexey Nikolsky/Sputnik/AFP via Getty Images

At first glance, the answer seems obvious: Of course, we should strike back—an eye for an eye, a tooth for a tooth—or how else will we deter the hackers, and others like them, from striking again?

On reflection, though, the question turns more complicated. Compared with the rest of the world, the United States, in all aspects of its life, is much more thoroughly connected to computer networks. We have the most powerful and precise cyber rocks to throw at other countries’ windows—but we live in a much glassier house. Therefore, retaliation could spark counter-retaliation, and, at each cycle of escalation, we could get hurt more badly than our adversary does.

Nevertheless, even some experts who have urged caution and taken note of our hypervulnerability are now saying that we have to do something. One of them, Richard Clarke, cybersecurity chief in President Bill Clinton’s White House and author of Cyber War—one of the first books to raise alarms about the subject—told me in an email that the SolarWinds hack “is over the line and requires a response. Yes, we run the risk of an escalating round of mutual damage, but that may be what it takes for this country to start taking the long list of necessary steps to secure our networks and what they run.”

President-elect Joe Biden seems to agree, saying he would impose “substantial costs” on those responsible for the hack. “A good defense isn’t enough,” he added. “We need to disrupt and deter our adversaries from undertaking cyberattacks in the first place.”

Fine. But how do we do this? What costs do we impose? And how do we ensure that the disruptions deter future attacks? President Barack Obama once signed a directive declaring that the United States might respond…

Source…