Tag Archive for: weighs
SolarWinds hack: US weighs ‘seen and unseen’ responses to major cyber attack
The White House is in “the closing stages” of deciding how to respond to a hack that compromised popular software by Texas-based SolarWinds Corp., according to Jake Sullivan, President Joe Biden’s national security adviser.
Sullivan said the US is considering “seen and unseen” responses to the attack, suspected of being carried out by Russian hackers and affecting at least 100 US companies and nine federal agencies.
“We’re in the closing stages of that process with options that will be presented at the highest levels here,” Sullivan said in an interview with Bloomberg News.
While Sullivan declined to elaborate, the US response could include sanctions, expelling Russian diplomats, indicting the suspected hackers or some kind of covert cyber retaliation against Russia. However, there’s growing frustration among lawmakers that those methods — used in response to previous hacks — haven’t deterred US adversaries from attacking its computer networks.
The administration continues to be focused intensively on remediation, Sullivan said. “Meaning, making sure that we’ve address the vulnerabilities of federal networks in particular,” Sullivan said.
The breach — along with another of Microsoft Corp.’s Exchange email software — is an early test for Biden and his cybersecurity team.
In December, cybersecurity analysts discovered a sprawling espionage campaign in which hackers compromised SolarWinds software, inserting malicious code into updates. As many as 18,000 customers received the malicious updates, though far fewer were targeted for follow-on attacks by the suspected Russian hackers.
This month, Microsoft revealed that suspected Chinese hackers exploited flaws in the code of Exchange to breach customer email systems. Cybersecurity experts say the attack had tens of thousands of victims.
The administration is working with Microsoft to encourage customers to patch their systems, and the nine compromised federal agencies are supposed to complete internal reviews of the breaches this month.
The Cybersecurity 202: White House weighs new cybersecurity proposals after two major hacking campaigns
“We still believe that public-private partnership is foundational in cybersecurity and we want to ensure we’re taking every opportunity to include key private-sector participants early and directly in our remediation efforts,” a senior administration official said.
It’s a major step towards transparency for the Biden administration, which is stressing strengthening relations between the private and public sector in the fallout from the Russian SolarWinds hacking campaign that infiltrated at least nine government agencies and about 100 companies.
The more recent Microsoft hack has added urgency to fixing those relations. Microsoft announced earlier this month a group of hackers tied to China exploited a vulnerability in its Microsoft Exchange product. Other cybercriminals have since swooped in to take advantage of servers that have not yet been updated to fix the vulnerability.
The situation escalated last week when Microsoft reported that hackers were targeting vulnerable servers with ransomware, a software loaded with a program allowing hackers to lock up computer systems and data for money. Vulnerable Microsoft users include hundreds of banks, health-care and government servers, researchers at the cybersecurity firm RiskIQ found. Pulling off a successful ransomware attack against any one of them could create major chaos.
A White House team is examining how to address concerns from the private sector over information-sharing with the government, the official said. Congress also is slated to roll out proposals regarding cybersecurity incident sharing in the coming weeks.
The White House is also readying a slew of proposals to strengthen cybersecurity.
The Biden administration is weighing a number of potential solutions, including a ratings system for software, the official said. The grading system would be similar to that used by local health departments for restaurants. The idea of a cybersecurity rating has been pushed by Congress’s bipartisan Cyberspace Solarium Commission as well as some industry groups.
The administration also is mulling a law such as the one introduced in Singapore requiring home devices to come with security labels.
Executive orders addressing the two…
Expert weighs in on why hackers attack schools and what usually happens
HUNTSVILLE, Ala. (WAFF) – In recent years, cybersecurity attacks on schools have become more and more common.
© Provided by Huntsville-Decatur WAFF
More information on school cyber security in Huntsville
![graphical user interface: More information on school cyber security in Huntsville](https://www.bing.com/news/{"default":{"load":"default","w":"80","h":"45","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1bKaaB.img?h=450&w=799&m=6&q=60&o=f&l=f"},"size3column":{"load":"default","w":"62","h":"35","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1bKaaB.img?h=351&w=624&m=6&q=60&o=f&l=f"},"size2column":{"load":"default","w":"62","h":"35","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1bKaaB.img?h=351&w=624&m=6&q=60&o=f&l=f"}})
No one knows that better than Doug Levin, he’s behind the K-12 Cybersecurity Resource Center. It’s a unique database tracking cyber security threats to U.S. public schools.
Load Error
Levin began noticing cyber attacks on schools back in 2016, since then, there have been more than 1,000 threats tracked by the site.
“I’ve grown increasingly convinced that this is a problem, that we need to raise awareness about these issues,” he said.
Levin said schools are being targeted more and more now-a-days for a few reasons, he said they usually under-invest in I.T. support and security, computer systems tend to be older and out-of-date because of budget issues and most of all, schools are a need for communities.
“They offer essential services, so there isn’t a lot of tolerance in the community for them being knocked offline, meaning that there is a greater chance hackers can extort money from them,” Levin said.
As for a timetable on a return to devices, Levin said it varies on severity, but he thinks HCS may be dealing with a more severe threat since they’ve asked students and staff to shutdown all devices.
“In that case, you certainly are looking at maybe weeks before things are approaching back to normal, though it could be many months before systems are fully restored,” he said. “A lot of it depends on how the school district approaches it’s recovery efforts and whether they are able to really recover all of that information that may have been compromised.”
Even if the school system does have good backups, there is still the issue of making sure you figure out how your system was inflitrated.
“Unfortunately we’ve seen circumstances where school district have had good backups and tried to restore, but weren’t able to completely evict the malware from their system,” Levin said. “Then only to find themselves get reinfected quickly soon thereafter, so it’s definitely a complicated process.”
So far, HCS said they aren’t sure what…