Rantburg

Today's Front Page   View All of Thu 05/02/2024 View Wed 05/01/2024 View Tue 04/30/2024 View Mon 04/29/2024 View Sun 04/28/2024 View Sat 04/27/2024 View Fri 04/26/2024
2020-12-15 Cyber
Hackers target US Homeland Security, thousands of businesses
[PRESSTV] The US Department of Homeland Security and thousands of businesses have been targeted by a sweeping hacking campaign that officials suspect was directed by the Russian government.Emails sent by officials at DHS, which oversees border security and defense against hacking, were monitored by the hackers as part of the sophisticated series of breaches, three people familiar with the matter told Rooters Monday.

Technology company SolarWinds, which was the key steppingstone used by the hackers, said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy unnoticed on businesses and agencies for almost nine months.

The United States issued an emergency warning on Sunday, ordering government users to disconnect SolarWinds software which it said had been compromised by "malicious actors."

That warning came after Rooters reported suspected Russian hackers had used hijacked SolarWinds software updates to break into multiple American government agencies, including the Treasury and Commerce departments. Moscow denied having any connection to the attacks.

One of the people familiar with the hacking campaign said the critical network that the Department of Homeland Security’s cybersecurity division uses to protect infrastructure, including the recent elections, had not been breached.

DHS is a massive bureaucracy among other things responsible for securing the distribution of the COVID-19 vaccine.

The cybersecurity unit there, known as CISA, has been upended by President Trump’s firing of head Chris Krebs after Krebs called the presidential election the most secure in American history. His deputy and the elections chief have also left.

The Pentagon said on Monday it is aware of the reports but was not able to comment on "specific mitigation measures or specify systems that may have been impacted."

The National Security Agency and Joint Force Headquarters Commanders issued guidance and directives to protect DoD networks and IT systems.

SolarWinds said in a regulatory disclosure it believed the attack was the work of an "outside nation state" that inserted malicious code into updates of its Orion network management software issued between March and June this year.

The attacks, first revealed Sunday, earlier hit the US departments of Treasury and Commerce.
Posted by Fred 2020-12-15 00:00|| || Front Page|| [12 views ]  Top

#1 Have good ITSEC friend that whose job is to review source codes prior to even BETA-testing by his agencies Systems.

He said his 2 biggest problems are users loading Freeware/Shareware/Adware games and etc...An remote Site Admins loading offered complimentary copies of COTS software that has NOT been reviewed or tested for leakage.
Posted by NN2N1  2020-12-15 06:17||   2020-12-15 06:17|| Front Page Top

01:51 Besoeker
01:47 Besoeker
01:45 Grom the Reflective
01:43 Grom the Reflective
01:40 Grom the Reflective
01:37 Grom the Reflective
01:35 Besoeker
01:32 Grom the Reflective
01:26 DarthVader
01:17 Besoeker
01:12 Besoeker
00:38 Besoeker
00:33 Angealing+B.+Hayes4677
00:16 EMS Artifact
00:15 Raj









Paypal:
Google
Search WWW Search rantburg.com