Top Treasury Email Accounts Exposed In SolarWinds Hack: Report
The hackers performed a complex step inside Microsoft Office 365 to create an encrypted “token” that tricked the Treasury’s system into thinking the hackers were legitimate users, The New York Times said. By Michael Novinson December 21, 2020, 10:12 PM EST
The SolarWinds hackers seized upon a Microsoft flaw to infiltrate the email system used by the U.S. Treasury Department’s senior leadership, The New York Times reported.
Dozens of Treasury email accounts were compromised, including those in the departmental offices division, where the most senior officials operate, Sen. Ron Wyden, D-Ore., told the Times on Monday. Hackers gained access to the Treasury’s email system in July by manipulating internal software keys, and the breach came to light from Microsoft, which runs much of Treasury’s communications software.
Share
Source: AP Photo/Evan Vucci
President Donald Trump on Saturday said a cyberattack that impacted the U.S. Department of Treasury and Commerce Department s National Telecommunications and Informations Administration (NTIA) could actually be broader in scope and include voting machines.
He also claimed that Russia or China could be behind the cyber attack. The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!), Trump tweeted. There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA.
Cybersecurity chief, fired by Trump over election, no longer media darling after government hack bizpacreview.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bizpacreview.com Daily Mail and Mail on Sunday newspapers.
Microsoft Breached Via SolarWinds As Scope Of Destruction Widens: Report
Suspected Russian hackers capitalized on Microsoft’s wide use of SolarWinds to infiltrate the software giant, and then used Microsoft’s own products to further their attacks on other victims, Reuters said. Microsoft pushed back on the report. By Michael Novinson December 17, 2020, 08:23 PM EST
The SolarWinds breach has claimed its second reported private-sector victim, with hackers capitalizing on Microsoft’s wide use of SolarWinds to infiltrate the software giant, Reuters said.
Just like with SolarWinds, Reuters reported that Microsoft’s own products were then used to further the attacks on other victims. It wasn’t immediately clear how many Microsoft users were affected by the company’s tainted products, according to Reuters, citing people familiar with the matter.