Rantburg

Today's Front Page   View All of Wed 05/28/2025 View Tue 05/27/2025 View Mon 05/26/2025 View Sun 05/25/2025 View Sat 05/24/2025 View Fri 05/23/2025 View Thu 05/22/2025
2020-12-15 Cyber
Hackers target US Homeland Security, thousands of businesses
[PRESSTV] The US Department of Homeland Security and thousands of businesses have been targeted by a sweeping hacking campaign that officials suspect was directed by the Russian government.Emails sent by officials at DHS, which oversees border security and defense against hacking, were monitored by the hackers as part of the sophisticated series of breaches, three people familiar with the matter told Rooters Monday.

Technology company SolarWinds, which was the key steppingstone used by the hackers, said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy unnoticed on businesses and agencies for almost nine months.

The United States issued an emergency warning on Sunday, ordering government users to disconnect SolarWinds software which it said had been compromised by "malicious actors."

That warning came after Rooters reported suspected Russian hackers had used hijacked SolarWinds software updates to break into multiple American government agencies, including the Treasury and Commerce departments. Moscow denied having any connection to the attacks.

One of the people familiar with the hacking campaign said the critical network that the Department of Homeland Security’s cybersecurity division uses to protect infrastructure, including the recent elections, had not been breached.

DHS is a massive bureaucracy among other things responsible for securing the distribution of the COVID-19 vaccine.

The cybersecurity unit there, known as CISA, has been upended by President Trump’s firing of head Chris Krebs after Krebs called the presidential election the most secure in American history. His deputy and the elections chief have also left.

The Pentagon said on Monday it is aware of the reports but was not able to comment on "specific mitigation measures or specify systems that may have been impacted."

The National Security Agency and Joint Force Headquarters Commanders issued guidance and directives to protect DoD networks and IT systems.

SolarWinds said in a regulatory disclosure it believed the attack was the work of an "outside nation state" that inserted malicious code into updates of its Orion network management software issued between March and June this year.

The attacks, first revealed Sunday, earlier hit the US departments of Treasury and Commerce.
Posted by Fred 2020-12-15 00:00|| || Front Page|| [11131 views ]  Top

#1 Have good ITSEC friend that whose job is to review source codes prior to even BETA-testing by his agencies Systems.

He said his 2 biggest problems are users loading Freeware/Shareware/Adware games and etc...An remote Site Admins loading offered complimentary copies of COTS software that has NOT been reviewed or tested for leakage.
Posted by NN2N1  2020-12-15 06:17||   2020-12-15 06:17|| Front Page Top

17:48 49 Pan
17:38 Lord Garth
17:29 alanc
17:09 BrerRabbit
16:13 Pancho Poodle8452
16:08 Beavis
16:08 Lord Garth
15:52 Lord Garth
15:28 trailing wife
15:26 Pancho Poodle8452
15:26 trailing wife
14:34 Frank G
14:28 Melancholic
14:27 NoMoreBS
14:14 swksvolFF
14:12 swksvolFF
13:54 mossomo
13:51 mossomo
13:50 NoMoreBS
13:50 Abu Uluque
13:44 Abu Uluque
13:41 NoMoreBS
13:39 Abu Uluque
13:36 mossomo









Paypal:
Google
Search WWW Search rantburg.com