Tag Archive for: SolarWinds

The fallout from SolarWinds hack will get worse before it gets better


  • US government agencies and private organizations have been the targets of a cyberattack that was only just uncovered this month.
  • A group of hackers believed to be associated with the Russian intelligence agency SVR infiltrated a SolarWinds software update earlier this year.
  • This is a huge problem for two major reasons: The attackers were able to gain access for a long period of time without being detected, and it will also take a long time for security experts to determine the extent of what’s been compromised.
  • “Fragments of attacks can sit dormant for months, and years, and only revive when the author wants them to begin their job,” cybersecurity expert Sean Harris told Business Insider. “Stealth is the most worrisome aspect of these ‘attacks.'” 

For months, US government agencies and private organizations have been the targets of what’s being called the most widespread cyberattack ever, and one that went largely undetected until this month. At the center of the attack is a company most people have never heard of called SolarWinds, which provides IT infrastructure management tools to hundreds of thousands of customers including government agencies, corporations, and nonprofit organizations. 

A SolarWinds software update earlier this year was infiltrated by a group of hackers believed to be associated with the Russian intelligence agency SVR, in what is known as a supply chain attack. As a result, the hackers’ malware was able to infect the networks of many, if not all, of SolarWinds’ customers as they updated their SolarWinds Orion software.

“The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies,” Tom Bossert, former Homeland Security Advisor, said in an op-ed in the New York Times on Thursday.

Not only is this attack extraordinary in its scope, it’s devastating in its impact — largely because of two things. First, the attackers were able to gain covert access for a long period of time without being detected. And second, it will be even…


Massive SolarWinds hack has big businesses on high alert


The US government was rattled this week by a cyberattack that compromised a third-party software vendor’s systems and led to data breaches at several federal agencies, including the Department of Commerce, the Department of Energy and the Department of Homeland Security’s cyber arm.



Image: SolarWinds headquarters in Austin, Texas on December 15, 2020. (© Shutterstock)

But the attack on SolarWinds, a firm that was far from a household name before, has also put many of the biggest companies in the country on alert.


SolarWinds said in an investor filing this week that as many as 18,000 of its customers — out of a total of 300,000 — may have been running software containing the vulnerability that allowed the hackers to penetrate the Commerce Department. US officials suspect Russian-linked hackers are behind the breach.

SolarWinds provides services to more than 425 companies in the US Fortune 500, it boasted on a page on its website that has since been taken down but remains accessible on the Wayback Machine internet archive.

The firms listed on the page included big names such as Cisco, AT&T, Microsoft, Comcast and McDonald’s, as well as financial giants Visa and Mastercard. A number of these firms told CNN Business that they are currently conducting investigations. At least two say they have been affected to some degree.

A Cisco spokesperson told CNN Business on Friday that it had “identified and mitigated affected software in a small number of lab environments and a limited number of employee endpoints.”

Video: US agencies investigating hack of government networks (CNN)


“At this time, there is no known impact to Cisco offers or products,” the spokesperson said. “We continue to investigate all aspects of this evolving situation with the highest priority.”

Microsoft also acknowledged that it was impacted by the hack.

“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries…


SolarWinds hack sets experts scrambling | Western Advocate



Suspected Russian hackers who broke into US government agencies also spied on less high-profile organisations, including groups in Britain, a US internet provider and a county government in Arizona, according to web records and a security source.

More details were revealed on Friday of the cyber espionage campaign that has computer network security teams worldwide scrambling to limit the damage.

US Secretary of State Mike Pompeo told a radio show the intrusion appeared to come from Russia. “I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” he told the Mark Levin show.

Networking gear maker Cisco Systems said a limited number of machines in some of its labs had been found with malicious software on them, without saying if anything had been taken. A person familiar with the company’s ongoing probe said fewer than 50 were compromised.

In Britain, a small number of organisations were compromised and not in the public sector, a security source said.

Shares in cyber security companies FireEye, Palo Alto Networks and Crowdstrike Holdings rose on Friday as investors bet that the spate of disclosures from Microsoft Corp and others would boost demand for security technology.

Reuters identified Cox Communications and Pima County, Arizona, government as victims of the intrusion. The hack hijacked ubiquitous network management software made by SolarWinds Corp.

The breaches of US government agencies, first revealed by Reuters on Sunday, hit the Department of Homeland Security, the Treasury Department, State Department and Department of Energy. In some cases the breaches involved monitoring emails but it was unclear what hackers did while infiltrating networks, cybersecurity experts said.

Trump has not said anything publicly about the intrusion. He was being briefed “as needed”, White House spokesman Brian Morgenstern told reporters. National security adviser Robert O’Brien was leading interagency meetings daily, if not more often, he said.

No determinations have been made on how to respond or who was responsible, a senior US official said. SolarWinds, which disclosed its unwitting role at the centre of the global hack…


Worst may be yet to come in SolarWinds hacking

