Russian hackers? US government confirms massive cyber attack on its networks

The government of United States confirmed this Sunday December 14 that their computer networks have been affected by a cyber attack. The newspaper The Washington Post He noted that at least two government departments, including the Treasury, have been hijacked by hackers.

“We are working closely with our partner agencies regarding recently discovered activities on government networks,” he told the agency. AFP a spokesperson for the Infrastructure and cybersecurity security agency (CISA, for its acronym in English). “CISA provides technical assistance to affected entities as part of its work to identify and mitigate any potential compromises.”

As published The New York Times, the Trump administration admitted that “the hackers who acted on behalf of a foreign government (almost certainly a Russian intelligence agency according to federal and private experts), they broke into various key government networks and gained access to their messaging systems. “

North Korea suspected of hacking information on AstraZeneca vaccine

The Washington Post added that the attacks were linked to another product last week against cybersecurity firm FireEye, who said its own defenses were breached by sophisticated attackers who stole tools used to test customers’ computer systems. FireEye said she suspected the attack “was sponsored by a state.”

The US press reported that the FBI was investigating a group working for the Russian Foreign Intelligence Service, SVR. As they added, the same group hacked United States government agencies under the administration of Barack Obama.

“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any potential problems related to this situation,” said National Security Council spokesperson John Ullyot.

If the connection with Russia is confirmed, the New York Times notes, It will be the most sophisticated US government data theft known to Moscow of a two-year wave in 2014 and 2015, during which Russian intelligence agencies gained access to unclassified messaging systems at the White House. It took years to repair the damage, but President Barack Obama decided at the time not to name the Russians as the perpetrators, a move many in his administration now see as a mistake.

Pfizer vaccine data hacked but won’t affect time of approval

What is FireEye

FireEye is a leading company in cyber security with many major clients including the United States Federal Government. The company said hackers “working for a state” had stolen some of its valuable tools to find vulnerabilities in their customers’ systems. This was the key to giving the aforementioned SVR, one of Russia’s leading intelligence agencies. It is often referred to as the Cozy Bear or APT 29.

FireEye customers, including the Department of Homeland Security and intelligence agencies, hire the company to intentionally hack into their systems using the company’s extensive database of techniques. Its tools mimic a real hacker and are used to close security holes in networks.

Hackers are believed to have embedded their code in regular updates to the Orion software used to manage networks by a company called SolarWinds. Its products are widely used in corporate and federal networks, and the malware has been carefully infiltrated to avoid detection.

The Austin, Texas-based company says it has more than 300,000 customers, including most of the nation’s Fortune 500 companies. But it’s unclear how many of them are using the Orion platform that Russian hackers have invaded, or if they’ve all been targeted.