The insertion of malware into SolarWinds’ popular Orion network management software sent the federal government and major parts of corporate America scrambling this week to investigate and mitigate what could be the most damaging breach in US history. The malware, which cybersecurity company FireEye (itself the first public victim of the supply chain interference) named SUNBURST, is a backdoor that can transfer and execute files, profile systems, reboot machines and disable system services.
Reuters broke the story that a foreign hacker had used SUNBURST to monitor email at the Treasury and Commerce Departments. Other sources later described the foreign hacker as APT29, or the Cozy Bear hacking group run by Russia’s SVR intelligence agency. Subsequent press reports indicated that the malware infection s reach throughout the federal government could be vast and includes only preliminarily the State Department, the National Institutes of Health, the Department of Homeland Security
Barr agrees with Pompeo that Russians appear to be behind US government hack Print this article
Attorney General William Barr said he agreed with Secretary of State Mike Pompeo that the Russians were behind the global cyberattack that affected numerous federal government agencies, even as President Trump has speculated China may have been culpable.
“From the information I have, you know, I agree with Secretary Pompeo’s assessment,” Barr said during a press conference announcing new charges in the 1988 Lockerbie bombing and in which he shot down the idea of appointing special counsels to investigate Hunter Biden or allegations of voter fraud. “It certainly appears to be the Russians, but I’m not going to discuss it beyond that.”
Mike Pompeo Says Pretty Clearly It Was The Russians Behind SolarWinds Hack Newsweek 19/12/2020 Jeffery Martin
U.S. Secretary of State Mike Pompeo revealed during a Friday interview that he believes that Russia was behind a widespread cyberattack that potentially breached the computer systems of U.S. government agencies.
Hackers exploited a vulnerability in software created by Texas technology firm SolarWinds and inserted malicious code. The software called Orion was designed to monitor computer networks for security flaws. While investigators into the attack have been reticent to name the entity behind the hacking, Pompeo said during a Friday interview on
The Mark Levin Show that Russia was the main suspect.
To revist this article, visit My Profile, then View saved stories.
This week news broke that United States government agencies and corporations alike as well as international targets were victims of a massive nation-state espionage campaign. But as the revelations continue to pile up, and new targets are discovered by the day, it can be hard to get a handle on what exactly happened and what it all means.
The hackers, who have been widely reported as Russian, compromised high-profile targets like the US Commerce, Treasury, Homeland Security, and Energy Departments, as well as companies like the security firm FireEye. All of the attacks appear to stem from one initial compromise of the IT infrastructure and network-management firm SolarWinds. Hackers had breached the company as far back as October 2019, then planted malicious code in software updates to its network-monitoring tool, Orion. Any customer that installed an Orion patch released between March and June inadvertently plante
Steve Kenny, The New York Times
Published: 19 Dec 2020 08:19 PM BdST
Updated: 19 Dec 2020 08:19 PM BdST US Secretary of State Mike Pompeo speaks at a press briefing at the State Department in Washington, US, April 22, 2020. Reuters
Secretary of State Mike Pompeo said Friday it was clear that Russia was behind the widespread hacking of government systems that officials this week called “a grave risk” to the United States. );
}
Pompeo is the first member of the Trump administration to publicly link the Kremlin to the cyberattack, which used a variety of sophisticated tools to infiltrate dozens of government and private systems, including nuclear laboratories and the Pentagon, Treasury and Commerce departments.