WASHINGTON – According to those familiar with the subject, the alleged Russian hacker attacks against U.S. government agencies and private companies around the world have gone largely unnoticed by the Trump administration and cyber security companies for months.
The Russian operation was revealed on Sunday to the consternation of current and former intelligence services, security experts and legislators, some of whom were surprised at the seemingly large-scale attack that had eluded them for so long.
As early as March of this year, customers of SolarWinds Inc, an American network management company, unintentionally started installing malware as part of a routine and seemingly easy-to-use update of software called Orion, according to the company.
The update, which would be extremely difficult to define as a threat, contained what researchers called a backdoor that could provide easy access to the nearly 18,000 organisations that downloaded the update. Researchers expect fewer, perhaps hundreds of victims to be totally compromised.
According to officials and individuals familiar with the ongoing investigation, the U.S. Department of Commerce and the U.S. Treasury Department have been compromised by the flaws in some of their systems.
On Monday, the list of institutions known to have been affected was considerably expanded. The Ministry of National Security, the national health institutions and the Ministry of Foreign Affairs have also been hacked, according to people familiar with the subject.
All three agencies refused to comment on their infringements. The Washington Post first reported the raids by the NIH and the State Department on Monday.
The burglaries detected so far appear to be part of the total number of federal and private networks compromised by Russian spies wishing to monitor internal communications.
According to a person familiar with the ongoing investigation, the national security authorities and the arms companies are also among the perpetrators of the espionage campaign. The individual and others who have been informed about this issue have stated that this violation was perhaps one of the greatest weaknesses of national security in recent years.
The same group has been associated with cyber-espionage campaigns in the past, including the invasion of several agencies, including the Ministry of Foreign Affairs and the White House, under the Obama administration.
The Russian Embassy in Washington DC denied any responsibility and stated that the accusations were unfounded attempts by the American media to incriminate Russia.
Researchers are still in the process of estimating the total impact. On Monday, when the Securities and Exchange Commission filed the report of the burglary, SolarWinds said it had informed 33,000 customers of the burglary and believed the number of customers who installed the Orion update stolen between March and June of this year was less than 18,000.
The attack on SolarWinds seems to have given hackers access to an extensive list of the most popular computer systems that could be of interest to a foreign enemy. The company has contracts with all five branches of the military and various national security agencies, as well as major defence contractors, including
Lockheed Martin Korp.
and more than 400 of the Fortune 500 companies.
SolarWinds works with
The eye of fire,
A leading U.S. cyber security, intelligence and law enforcement company is conducting an investigation, the spokesman said.
SolarWinds, which became public in 2018, reported that it informed 33,000 customers of the collapse.
Photo:
The brand McDermid/Reuters
It was impossible to know how SolarWinds itself was hacked. In its SEC file, the company stated that its Microsoft Office 365 messaging systems had been compromised and that this incident may have given access to other data in the company’s Office productivity tools. In an article published on the Sunday blog, Microsoft indicated that after investigating the incident it had found no vulnerabilities in its products.
Last week FireEye gave a vague description of the hacking, which it said was carried out by a competent foreign government, although it did not publicly say which country it considered responsible.
According to people familiar with the case, the contours of a suspicious Russian cyber-espionage campaign, including violations by government agencies, began to emerge last weekend as details of the FireEye hacking allowed government and administrative officials to check their systems for possible intrusion.
The damage caused by FireEye has affected not only the United States so far, but also customers around the world – in North America, Europe, Asia and the Middle East – and in a number of industries including telecommunications, technology, healthcare, automotive, energy and government, said one person familiar with the company’s investigation.
US authorities and technology companies have reported several cases of cyber attacks and attempted Russian intervention in the run-up to the 2020 elections. WSJ investigates how Russian hackers and trolls have added new tactics to their tools for 2016. (Originally published on 2 November)
As a sign of the seriousness of the threat, the Cyber and Infrastructure Security Agency, part of the Ministry of Homeland Security, which helps government and the business community combat cyber attacks, issued a rare emergency policy on Sunday. The agency has instructed all federal citizens’ agencies to scan their networks for possible compromises and immediately stop using SolarWinds Orion products.
The compromise of SolarWinds’ Orion network products poses an unacceptable security risk to federal networks, said Brandon Wales, ICAR’s interim director.
Simply removing the SolarWinds will not eliminate the threat, officials and investigators said. Cleaning Russian suspects from internal systems can be particularly difficult because they relied on silent operation and were not detected on other networks before the FireEye was broken into. These guys are extremely suspicious and can prevent them from trying to take it out, said a man who knows the case well. It’s gonna be a tough fight. I’ve never seen anything like it.
After reviewing federal tender dossiers, the Pentagon and many branches of the armed forces, including the military and navy, purchased and installed Orion product. Like the Department of Veterans Affairs and the National Institutes of Health, they are both involved in the fight against the coronavirus pandemic.
IA investigated the matter and found no violations, he said.
Kristina Noel,
VA press officer. Yet we take the wind of the sun with great care.
In a radio interview on Monday, the Foreign Secretary said…
Mike Pompeo
Russia appears to have admitted its involvement in the robbery and has promised that Trump’s administration will make every effort to protect confidential information so that it does not fall into the wrong hands.
I can’t say much except that the Russians have made a constant effort to access U.S. servers, not only for government agencies but also for businesses, Pompeo said. It is an ongoing struggle, an ongoing struggle to secure our systems, and I am confident that the United States government will keep our classified information away from these evil actors.
It was an ongoing attempt by the Russians to break into U.S. servers, said Secretary of State Mike Pompeo, who visited the White House last week.
Photo:
Jonathan Ernst/Reuters
Sen.
Ron Wyden
(D., Ore.), a member of the Senate Intelligence Committee, said that if the hack reports were true, the United States would have made a huge national security mistake that could have consequences for years to come.
Mr Wyden stated that he urged the administration to describe the full extent of the offence and to explain the measures taken to minimise the damage. I’m afraid the damage is much greater than we know now, he said.
Sen.
Angus King,
an independent of Maine who works with Democrats, said the crisis is particularly worrying because it happened just over a month before the presidential election.
Joe Biden
will take office.
The time of transition is a time of vulnerability, King said.
The king, who is also part of the intelligence team, said he was not yet aware of the intrusion, but that if Russia confirmed its responsibility, it would show that the federal government remains ill-prepared to respond to interstate cyber-attacks.
The Russian President
Vladimir Putin
cannot afford to compete with us in conventional weapons, but it can hire about 8,000 hackers for the price of a fighter jet, the King said. We’ve just discovered the damage hackers can do when it’s really Russia.
-Ben Kesling contributed to this article.
Email Dustin Volz at [email protected] and Robert McMillan at [email protected].
Copyright ©2020 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8
Related Tags:
cheap christmas gifts under $10,cheap christmas gifts for teenage girl,cheap gifts under $5,cheap christmas gifts under £5,family christmas gift ideas 2019,inexpensive christmas gifts for men,cheap christmas gifts for coworkers,fancy cheap gifts,things to get 13 year olds for christmas,small gift ideas for coworkers,cheap gifts for friends birthday,things to ask for for christmas teenage girl,practical christmas gifts 2019,cheap christmas gifts for men,christmas gifts amazon,gift guide for new parents,affordable gift for friend,functional christmas gifts,cheap christmas presents that look expensive,cheap christmas gifts singapore,cheap christmas gifts for teenage guys,cheap but thoughtful christmas gifts uk,best gifts under $50 amazon,gifts under $50 for him,best tech under $50 2020,gifts under $50 for her,best gadgets under $75,useful gift under $100,cheap gift ideas for friends,small gift ideas for adults,cheap but thoughtful christmas gifts,inexpensive gift ideas for her,small useful gift ideas,cheap gifts under £5
