Tag Archive for: russian

Meet The Super Rich Czech Tech Company — And Its Russian CEO — Denying Links To The Huge SolarWinds Hack


Maxim Shafirov is looking grizzled, grumbling through a stubbled muzzle about having just two hours sleep, hunched over his computer as the snow falls behind him in a window that looks out to a wintry St. Petersburg. The Russian native’s grouchiness is understandable.

Shafirov is the CEO of Czech company JetBrains, which was likely one of the biggest tech companies you’d never heard of, until Wednesday when reports cited government sources saying it was being investigated for links to huge cyberattacks on U.S. government agencies and tech giants, via the hack of another low-profile IT provider, SolarWinds, and scores of its clients, including federal agencies. For millions of coders, the Prague-based business’ tools are invaluable, providing all manner of software to make their app building that much easier. Founded in 2000, it claims over 8 million paying users in over 213 countries. Company revenue for 2019, according to the most recently-available results for the privately-held business, stood at $270 million, with year-on-year growth of 33%. Shafirov, in an upbeat moment in an interview with Forbes, says that despite the Covid-19 pandemic, its revenue growth this last year was 10%, indicating near $300 million for 2020. The business was a so-called “unicorn” worth more than $1 billion, according to a JetBrains spokesperson.

Few outside the tech world would’ve paid the company much attention until reports in the New York Times, Reuters and the Wall Street Journal indicated those investigating what’s become one of the most severe acts of cyber espionage in recent memory were looking at the possibility JetBrains was involved. The reports hint JetBrains, or one of its apps, TeamCity, was hacked, leading to an infiltration at SolarWinds, which, in turn, had one of its own tools compromised and used to hijack customer networks. Amongst the victims are the Department of Justice, which yesterday revealed 3% of its Office 365 emails had been compromised. It joined the Department of Energy, the Treasury, Microsoft,…


FBI, NSA say ongoing hacks at US federal agencies ‘likely Russian in origin’ – TechCrunch


The U.S. government says hackers “likely Russian in origin” are responsible for breaching the networks of at least 10 U.S. federal agencies and several major tech companies, including FireEye and Microsoft.

In a joint statement published Tuesday, the FBI, the NSA and Homeland Security’s cybersecurity advisory unit, CISA, said that the government was “still working to understand the scope” of the breach, but that the breaches are likely an “intelligence gathering effort.”

The compromises are “ongoing,” the statement said.

The statement didn’t name the breached agencies, but the Treasury, State and the Department of Energy are among those reported to be affected.

“This is a serious compromise that will require a sustained and dedicated effort to remediate,” the statement said. “The [joint agency effort] will continue taking every necessary action to investigate, remediate, and share information with our partners and the American people.”

News of the widespread espionage campaign emerged in early December after cybersecurity giant FireEye, normally the first company that cyberattack victims call, discovered its own network had been breached. Soon after, it was reported that several government agencies had also been infiltrated.

All of the victims are customers of U.S. software firm SolarWinds, whose Orion network management tools are used across the U.S. government and Fortune 500 companies. FireEye said that hackers broke into SolarWinds’ network and pushed a tainted software update to its customers, allowing the hackers to easily break into any one of thousands of companies and agencies that installed the backdoored update.

Some 18,000 customers downloaded the backdoored software update, but the government’s joint statement said that it believes only a “much smaller number have been compromised by follow-on activity on their systems.”

Several news outlets have previously reported that the hacks were carried out by a Russian intelligence group known as APT 29, or Cozy Bear, which has been linked to several espionage-driven attacks, including attempting to steal coronavirus vaccine research.

Tuesday’s joint statement would be the first…


The Russian hack and securing our 5G broadband future


It doesn’t look like a four-letter word but, as with all things in the realm of cyberspace and security, looks can be deceiving. News of the Russian hack of literally tens of thousands of government agencies and many of our largest companies has suddenly made our vulnerability painfully real — especially at a time when the pandemic has expanded our use of cyberspace into virtually every aspect of daily living. “Work From Home” (WFH), food delivery, on-line retail, telehealth, and distance learning are only examples of a myriad of daily life functions that have suddenly been transformed from in-person to an increasingly digitally accessed world. While empowering, this digital transformation is also creating new digital vulnerabilities.

The bad guy is in the house


That old horror movie line is suddenly a chilling possibility for vast portions of the United States public and private networks. The “high trade craft” introduction of sleeper malware into a seemingly routine upgrade of SolarWinds Orion software between March and June of 2020 has exposed large sectors of U.S. infrastructure to malicious actors who can not only spy on sensitive and secret information, but also invisibly manipulate the underlying systems that actually run key segments of our society. Left unchecked, the potential mischief and real damage is incalculable, and the really scary thing is that, unless we’re very careful, they’ll be watching us do whatever we try to do to fix it from inside the house.

Cyber security is national security

The primary function of our National Security agencies is to protect the American way of life. Increasingly the traditional “analog” threats that have challenged our armed forces and intelligence agencies have been made worse, or supplanted, by cyber threats that have the capacity to inflict both tactical and strategic damage as bad or worse than conventional weapons. The pandemic and the exponential expansion of our use of the Internet has accelerated the pace of our adoption of broadband enabled…


Cyberattack on U.S. government is just part of a vast and ignored Russian threat


Russia’s recent mass-scale cyber intelligence operation, targeting multiple government agencies, corporations and think tanks, was a catastrophic event.

The Russians compromised vital U.S. infrastructure, defense and technology industries, and critical government agencies, such as the Departments of Homeland Security, Defense, State, Energy and Treasury. The attackers exhibited highly sophisticated tradecraft, exceptional operational stealth, and extreme patience and determination. 

What very few Americans realize is that this is but a single page out of Russian President Vladimir Putin’s war plan for defeating America. The success of this operation resulted from a failure to recognize the systemic Russian threat to the United States and treat it with the seriousness it requires. While the American leadership class is focused on the long-range threat from China and fantasies about Mr. Putin deputizing President Trump as a secret agent, the present and ongoing danger from the Kremlin is frighteningly minimized.

A close reading of unclassified, often highly technical, Russian-language sources has convinced me that Russia expects eventual war with the United States and is preparing for it. 
