And why it could take months more to discover how many other governments and companies have been breached.
By
Category: government – Page 109
SAN FRANCISCO (Reuters)-Microsoft Corp said on Thursday it found malicious software in its systems related to a massive hacking campaign disclosed by U.S. officials this week, adding a top technology target to a growing list of attacked government agencies.
The Redmond, Washington company is a user of Orion, the widely deployed networking management software from SolarWinds Corp which was used in the suspected Russian attacks on vital U.S. agencies and others.
Microsoft also had its own products leveraged to attack victims, said people familiar with the matter. The U.S. National Security Agency issued a rare “cybersecurity advisory” Thursday detailing how certain Microsoft Azure cloud services may have been compromised by hackers and directing users to lock down their systems.
According to a report from the Intercept, “state-sponsored hackers believed to be from Russia have breached the city network.” City officials told KVUE they are aware of the hacking group but cannot comment on an ongoing investigation.
The breach is believed to have started in October as part of a series of hacks allegedly carried out by the group Berserk Bear, as reportedly revealed by Microsoft Threat Intelligence Center documents obtained by the Intercept.
According to an October CISA alert, a Russian state-sponsored actor was targeting federal, state, territorial and tribal government networks and aviation networks. CISA urged entities to perform a full password reset and systematically rebuild the network. A statement following the alert named Berserk Bear as the actor, with Texas included in a map of compromised targets.
Microsoft wants you to know this hack is even bigger than you think.
Microsoft president Brad Smith warned that the wide-ranging hack of the SolarWinds’ Orion IT software is “ongoing,” and that investigations reveal “an attack that is remarkable for its scope, sophistication and impact.” The breach targeted several US government agencies and is believed to have been carried out by Russian nation-state hackers.
Smith characterized the hack as “a moment of reckoning” and laid out in no uncertain terms just how large and how dangerous Microsoft believes the hack to be. It “represents an act of recklessness that created a serious technological vulnerability for the United States and the world,” Smith argues.
He believes that it “is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency.” Though the post stops short of explicitly accusing Russia, the implication is very clear. “The weeks ahead will provide mounting and we believe indisputable evidence about the source of these recent attacks,” according to Smith.
As the U.S. government works to contain a sprawling hacking campaign that relies on software in technology from SolarWinds, a federal contractor, technology firms are disabling some of the hackers’ key infrastructure.
Cybersecurity giant FireEye on Wednesday said that it had worked with Microsoft and the domain registrar GoDaddy to take over one of the domains that attackers had used to send malicious code to victim machines. The move is no panacea for stopping the suspected state-sponsored hacking campaign, though it could help stem the tide of victims, which reportedly includes the departments of Treasury and Homeland Security.
The seized domain, known as a “killswitch,” will “affect new and previous” infections of the malicious code coming from that particular domain, FireEye said in a statement that was first reported by independent journalist Brian Krebs. “Depending on the IP address returned when the malware resolves avsvmcloud[.]com, under certain conditions, the malware would terminate itself and prevent further execution.”
ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.
Just a few weeks after the supply-chain attack on the Able Desktop software, another similar attack occurred on the website of the Vietnam Government Certification Authority (VGCA): ca.gov.vn. The attackers modified two of the software installers available for download on this website and added a backdoor in order to compromise users of the legitimate application.
The widespread and monthslong hack of the U.S. government and some of America’s biggest corporations was enabled by an unlikely source: a little-known Austin, Texas, software company called SolarWinds Corp. that until this week was a household name only to computer network administrators.
Security investigators say the company that boasts more than 400 of the Fortune 500 corporations and many government agencies as clients provided the perfect delivery mechanism for a carefully executed intrusion attributed to Russia’s foreign-intelligence service.
SolarWinds provides the tools many companies use to manage their computer networks. That’s what made the hack of U.S. government agencies and some of America’s biggest corporations so pernicious.
The US government has confirmed that a massive hack had occurred in at least two federal departments, including the US Treasury and the Department of Commerce.
Hackers were able to monitor internal emails at US federal departments, including the Treasury, for months. There is concern officials have only scratched the surface of understanding the hack’s effects.
The U.S. government Agencies and cybersecurity firm FireEye were hacked using SolarWinds software supply chain attack.
Elon Musk has been a vocal critic of artificial intelligence, calling it an “existential threat to humanity”. He is wrong, right?
Musk is heavily invested in AI research himself through his OpenAI and NeuroLink ventures, and believes that the only safe road to AI involves planning, oversight & regulation. He recently summarized this, saying:
“My recommendation for the longest time has been consistent. I think we ought to have a government committee that starts off with insight, gaining insight… Then, based on that insight, comes up with rules in consultation with industry that give the highest probability for a safe advent of AI.”