Top line

A major cyberattack that the US agency overseeing cybersecurity warned on Thursday poses a “serious” threat to the federal government and the private sector has violated the Department of Energy and the National Nuclear Security Administration, according to Politics, fueling fears about information that may have been compromised.

Highlights

Since news of the attack became public last week, the extent and potential threat of the infiltration – which has so far reportedly affected thousands of businesses and nearly half a dozen federal agencies, and has been attributed by US officials to Russia – has continued to escalate.

According to Politicsit’s Thursday report, the hackers successfully raped the National Nuclear Security Administration, which manages the United States’ stockpile of nuclear weapons, as well as the Federal Regulatory Commission (FERC) of the Department of Energy, the New Mexico National Laboratories and of Washington, the Office of Secure Transportation and the Richland Field Bureau of the DOE.

This is in addition to other federal agencies, including the Pentagon, Department of Defense, Department of Justice, and Department of Homeland Security, which were known to be potentially compromised for downloading corrupted software from SolarWinds. , which originated as an access point for hackers.

In an alert released earlier Thursday, the United States Cybersecurity and Infrastructure Security Agency (CISA) for the first time detailed the scale of the attack, warning that it determined the federal government, local, tribal organizations and territorial structures of the State, as well as critical infrastructures. private sector entities and organizations are at “serious risk” of infiltration.

Additionally, CISA said it identified “additional” access points through which hackers could have accessed US computer systems, meaning the scope of the hack could be much wider than initially anticipated.

The CISA said the hackers, whose attack dates back to at least March, have shown “sophistication and complex craft in these intrusions” and predicted that it will be “very complex and difficult” for organizations to remove the actor from the threat of compromised environments.

Large number

18,000. That’s the total number organizations, including unclassified networks operated by most federal government entities, that downloaded the corrupt SolarWinds software.

Key context

The hack was detected by cybersecurity firm FireEye, which announced last week that the US government and its customers had been put at risk. The extent of the attack, which has been widely attributed to the Russian foreign intelligence agency (despite denial by Russian officials), is not yet known, but The Associated Press suggested that hackers could have accessed some of America’s “deepest secrets”. President Trump, instead focusing on his continued challenges to the 2020 election results, has yet to speak publicly about the hack, prompting a backlash from members of Congress on both sides of the aisle who say Trump must take a stand against it. Russia.

Chief critic

“I think the White House needs to say something aggressive about what happened,” Senator Mitt Romney (R-UT) said Thursday. “It’s almost like you have a Russian bomber flying undetected over the country, including over the nation’s capital, and not reacting in such a setting is truly breathtaking.”

Tangent

President-elect Joe Biden noted in a statement he was briefed by government officials about the attack, vowing to impose a “substantial cost” on those behind the hack. “We need to disrupt and deter our adversaries from undertaking major cyber attacks in the first place,” Biden said, stressing that he would not “sit idly by.”

Further reading

“DHS, DOJ and DOD are all clients of SolarWinds Orion, the source of the massive US government hack.” (Forbes)

“‘We are hacked’: as Trump remains silent, former security adviser sounds the alarm over Russian infiltration” (Forbes)


Source link

Leave a Reply

Your email address will not be published.