12-17-2020, 11:11 PM
Homeland Security: Hacking campaign poses 'grave risk' to all levels of government, private sector
A devastating cyber attack believed to be tied to Russia continues to pose a "grave risk" to government networks and the private sector, according to an ominous warning issued Thursday by the Department of Homeland Security.
The bulletin from DHS' Cybersecurity and Infrastructure Security Agency (CISA), represented the most striking assessment yet of a cascading threat to federal, state and local networks.
"CISA has determined that this threat poses a grave risk to the federal government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations," the bulletin stated.
"This... actor has demonstrated patience, operational security, and complex trade-craft in these intrusions," CISA said of the hackers, adding that the ongoing effort to eliminate the threat would "will be highly complex and challenging."
Networks at the Department of Energy and the National Nuclear Security Administration, which manages the country's nuclear weapons stockpile, also may have been compromised according to reports by the Washington Post and Politico.
The attacks, which have targeted major branches of the U.S. government, has put an untold number of Americans, agencies and government secrets at risk of compromise.
The attackers penetrated federal computer systems through a popular piece of server software offered through a company called SolarWinds.
The threat apparently came from the same cyberespionage campaign that has afflicted cybersecurity firm FireEye, foreign governments and major corporations.
The system is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies, which will now be scrambling to patch up their networks.
The attackers planted malware in computer networks after using what FireEye CEO Kevin Mandia has called “a novel combination of techniques not witnessed by us or our partners in the past.”
In its alert Thursday, CISA said that is "likely" that full scope of the campaign remains unclear as additional intrusions "have not yet been discovered."
https://www.usatoday.com/story/news/poli...946658001/
A devastating cyber attack believed to be tied to Russia continues to pose a "grave risk" to government networks and the private sector, according to an ominous warning issued Thursday by the Department of Homeland Security.
The bulletin from DHS' Cybersecurity and Infrastructure Security Agency (CISA), represented the most striking assessment yet of a cascading threat to federal, state and local networks.
"CISA has determined that this threat poses a grave risk to the federal government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations," the bulletin stated.
"This... actor has demonstrated patience, operational security, and complex trade-craft in these intrusions," CISA said of the hackers, adding that the ongoing effort to eliminate the threat would "will be highly complex and challenging."
Networks at the Department of Energy and the National Nuclear Security Administration, which manages the country's nuclear weapons stockpile, also may have been compromised according to reports by the Washington Post and Politico.
The attacks, which have targeted major branches of the U.S. government, has put an untold number of Americans, agencies and government secrets at risk of compromise.
The attackers penetrated federal computer systems through a popular piece of server software offered through a company called SolarWinds.
The threat apparently came from the same cyberespionage campaign that has afflicted cybersecurity firm FireEye, foreign governments and major corporations.
The system is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies, which will now be scrambling to patch up their networks.
The attackers planted malware in computer networks after using what FireEye CEO Kevin Mandia has called “a novel combination of techniques not witnessed by us or our partners in the past.”
In its alert Thursday, CISA said that is "likely" that full scope of the campaign remains unclear as additional intrusions "have not yet been discovered."
https://www.usatoday.com/story/news/poli...946658001/
