Tag Archive for: russian

’20 Russian hack alerts businesspeople to the frailties of the system – News is My Business

/in


It is known that one of the ways to collect business intelligence is to infiltrate spy executives in key positions of multinationals. (Credit: Michael Borgers | Dreamstime.com)

The suspected epic cyberattack, or spy operation into the US government apparatus opens our eyes even wider to the vulnerabilities of the internet spectrum.

The news reports say American officials suspect a Russian spy agency has carried out what they describe as a “distressing feat of espionage into dozens of state corporations and government agencies.”

Historically, the Russian regime has been shameless about its cyber operations against the United States since the initial days of the Cold War. Satellite communication disruptions, laser ray attacks on sensitive radar installations in the Middle East, alleged radiation attacks against the US embassy in Moscow and Havana, Cuba… are just a few of the clandestine servings of Russian cyber operations.

ON GUARD — As much as the news media has raised the issue of data espionage by the security agencies of the United States and other industrialized countries, has made many businesspeople consider how to protect their confidential communications. Even against its own and competitors. Certainly, the scrutinizing eye of the federal government is deep. And there is not only military and political espionage, but a large slice of this activity includes industrial sniffing.

The reason for this is that nations with scientific advancement fear the unfair theft of their technologies for which a lot of money and human resources have been invested. The United States has never denied that it spies on multinational companies. The CIA is even known to be involved in many commercial espionage operations. Unlike Russia or China and other countries with centralized economies, the US swears it does not share its secret data outside its national security operations. So also say the Russians.

SKEPTICISM — Believing that requires a great leap of faith. However, there are several reasons the governments give to justify their shadow incursions into private data. The great slice of their…

Source…

Donald Trump Is Talking About Everything but the Alleged Russian SolarWinds Hack

/in

As authorities probe a suspected Russia-led hack of government networks, President Donald Trump has been publicly silent on the matter.

Even as a slew of federal agencies acknowledged their computer systems appeared to have been affected by malware spread via Texas-based software company SolarWinds, Trump continued to tweet about a presidential election he had already lost.

With roughly a month left of his first and presumably only term in the White House, Trump claimed on Thursday, without evidence, that the outcome of the November vote was “rigged,” and suggested that the Democratic Party had somehow stolen the election.

The same day, a warning emerged from the Cybersecurity and Infrastructure Security Agency (CISA), saying that the SolarWinds hack posed a “grave risk” to all levels of the U.S. government, alongside critical infrastructure entities and businesses.

CISA, which operates under Homeland Security, said evidence suggested agencies had been compromised by an advanced persistent threat (APT) actor—another term given to a nation state-level cybersecurity adversary—since at least March 2020.

Trump remained silent as multiple administration officials alluded to the evidence that pointed in the direction of Russia. Secretary of State Mike Pompeo noted there had been a “consistent effort of the Russians to try and get into American servers.”

Trump remained publicly silent as the Department of Energy, which includes a division overseeing the nuclear weapons stockpile, confirmed it found malware linked to the hackers on its business networks as part of a probe happening in real-time.

And Trump did not respond publicly as his former homeland security adviser Thomas P. Bossert said the “magnitude of this ongoing attack is hard to overstate” and noted that Trump was “on the verge of leaving behind a federal government, and perhaps a large number of major industries, compromised by the Russian government.”

On December 13, then…

Source…

Cybersecurity agency warns suspected Russian hacking campaign broader than previously believed

/in


An alarming new alert issued by the Department of Homeland Security’s cyber arm Thursday revealed that Russian hackers suspected of a massive, ongoing intrusion campaign into government agencies, private companies and critical infrastructure entities used a variety of unidentified tactics and not just a single compromised software program.



a screen shot of an open laptop computer sitting on top of a table

© Shutterstock


Specifically, the Cybersecurity and Infrastructure Security Agency said it has determined that the SolarWinds Orion software vulnerability disclosed earlier this week is not the only way hackers compromised a variety of online networks — warning that in some cases, victims appeared to have been breached despite never using the problematic software.

The news will likely only compound already escalating concerns about the scale and scope of the data breach, which CISA said Thursday “poses a grave risk” to networks across both the public and private sector.

“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the alert issued by the agency said. “CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”

The agency also acknowledged Thursday that the hackers used “tactics, techniques and procedures that have not yet been discovered,” adding that it is continuing to investigate whether, and how, other intrusion methods may have been used since the campaign began months ago.

The analysis comes as the list of US agencies, private companies and other entities affected by the hacking campaign continues to increase.

Hours after the CISA alert was released, the US Energy Department said it had evidence that hackers accessed some of its networks using the same malware associated with the ongoing data breach already impacting almost half a dozen federal agencies.

The department maintains that the impact has been “isolated to business networks” and “has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration…

Source…

US cybersecurity agency warns suspected Russian hacking campaign broader than previously believed

/in


An alarming new alert issued by the Department of Homeland Security’s cyber arm Thursday revealed that Russian hackers suspected of a massive, ongoing intrusion campaign into government agencies, private companies and critical infrastructure entities used a variety of unidentified tactics and not just a single compromised software program.



a screen shot of an open laptop computer sitting on top of a table

© Shutterstock


Specifically, the Cybersecurity and Infrastructure Security Agency said it has determined that the SolarWinds Orion software vulnerability disclosed earlier this week is not the only way hackers compromised a variety of online networks — warning that in some cases, victims appeared to have been breached despite never using the problematic software.

Loading...

Load Error

The news will likely only compound already escalating concerns about the scale and scope of the data breach, which CISA said Thursday “poses a grave risk” to networks across both the public and private sector.

“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the alert issued by the agency said. “CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”

The agency also acknowledged Thursday that the hackers used “tactics, techniques and procedures that have not yet been discovered,” adding that it is continuing to investigate whether, and how, other intrusion methods may have been used since the campaign began months ago.

The analysis comes as the list of US agencies, private companies and other entities affected by the hacking campaign continues to increase.

Hours after the CISA alert was released, the US Energy Department said it had evidence that hackers accessed some of its networks using the same malware associated with the ongoing data breach already impacting almost half a dozen federal agencies.

The department maintains that the impact has been “isolated to business networks” and “has not impacted the mission essential national security functions of the Department, including the National Nuclear…

Source…