Massive US cyberattack spreads to other countries and raises alarms



[ad_1]

The devastating cyberattack on various US government agencies has also affected targets around the world and, as the list of victims continues to grow, investigators say IT security and the spying.

Microsoft said Thursday that it had notified more than 40 customers affected by these malware, which security experts said came from hackers linked to the Russian government and allowed attackers unrestricted access to their networks.

“Despite the fact that about 80% of these customers are located in the United States, the study has so far identified victims from seven other countries,” Microsoft President Brad Smith said on his blog.

Smith said there is victims also in Belgium, Canada, Israel, Mexico, Spain and the United Arab Emirates.

“It is certain that the number and location of the victims will continue to increase,” Smith admitted, joining the warnings already expressed by US officials about the severity of the attack.

Microsoft authorities on alert for the massive cyberattack.  Photo: REUTERS

Microsoft authorities on alert for the massive cyber attack. Photo: REUTERS

“It’s not ‘espionage as usual’ even in the digital age,” said the president of Microsoft.

“Instead, it highlights an act of recklessness that created severe technological vulnerability for the United States and the world, ”he warned.

John Dickson of security firm Denim Group said several potentially vulnerable private sector companies are now struggling to strengthen their security, even when considering rebuilding their servers and other equipment.

“Everyone’s doing a damage assessment now because it’s huge,” Dickson said. “It’s a blow to confidence in both government and critical infrastructure.”

Large scale attack

The threat comes from a long-term attack that purports to inject malware into computer networks using business management software created by Texas tech company SolarWinds and is said to be carrying the hallmark of an attack. national.

James Lewis, vice president of the Center for Strategic and International Studies, said the cyberattack could end up being thI suffered the most in America, above the one who affected government personnel files in 2014, and who was then suspected of Chinese infiltration.

“The scale is overwhelming. We don’t know what they took, that’s one of the jobs of forensic science,” Lewis said.

“We also don’t know what they left behind. The normal practice is to leave something behind so that we can go into the future,” the expert added.

Thousands of private and government users downloaded a contaminated software update that allowed hackers to access sensitive information.  Photo: REUTERS

Thousands of private and government users downloaded a corrupted software update that allowed hackers to gain access to sensitive information. Photo: REUTERS

Threat to security

The National Security Agency called for increased vigilance to prevent unauthorized access to major military and civilian systems.

For analysts, these cyber attacks represent threats to national security due to infiltration into major government systems, which can also pose risks to the control of major infrastructure systems such as power grids.

The US Agency for Cyber ​​Security and Infrastructure Security (CISA) said government agencies, critical infrastructure entities and the private sector were targeted by what they described as an “advanced and persistent threat actor. “.

CISA has not identified who is behind these malware attacks, but private security companies have reported hackers linked to the Russian government.

Secretary of State Mike Pompeo also suggested a Moscow involvement Monday, when he said the Russian government has repeatedly attempted to breach U.S. government networks.

President-elect Joe Biden, for his part, expressed “great concern” about computer infiltration, while Republican Senator Mitt Romney blamed Russia and criticized what he called “inexcusable silence” from the White House.

The cyberattack was, according to Romney, as if “Russian bombers had repeatedly flown undetected across our country.”

Senator Marco Rubio, also a Republican, told Fox News: “It’s huge (…) It’s still ongoing … It’s a serious risk for the federal government, state, local, for critical infrastructure, for the private sector “.

CISA said the computer intrusions had started at least since March of this year, and its manager “has shown patience, security and complex business skills.”

“This threat poses a serious risk,” the CISA warned Thursday, adding that it anticipated that “removing this threatening actor from compromised environments will be very complex and difficult for organizations”.

The hackers allegedly installed their malware in programs used by the Treasury and Commerce departments, allowing them to view internal email traffic.

According to press reports, the energy ministry, which manages the government’s nuclear arsenal, was also violated.

SolarWinds has admitted that some 18,000 customers, including government agencies and large corporations, have downloaded compromised software updates, allowing hackers to spy on their emails.

After the cyberattack was detected, the CISA ordered federal agencies to deactivate the infringed software.

Source: AFP

CB

.

[ad_2]
Source link