News Focus

Re: BOREALIS post# 360890

Sunday, 12/20/2020 7:29:53 PM

Post# of 575620
Microsoft president sounds alarm on ‘ongoing’ SolarWinds hack, identifies 40 more precise targets

"Intelligence failure
Russian hackers went undetected by U.S. cybersecurity defenses for months

[...]
Washington – Over the past few years, the U.S. government has spent tens of billions of dollars on cyberoffensive abilities, building a giant war room at Fort Meade, Md., for U.S. Cyber Command, while installing defensive sensors all around the country — a system named Einstein to give it an air of genius — to deter the nation's enemies from picking its networks clean, again
[...]
The intrusion, said the person briefed on the matter, shows that the weak point for the American government computer networks remains administrative systems, particularly ones that have a number of private companies working under contract. The Russian spies found that by gaining access to these peripheral systems, they could make their way into more central parts of the government networks.
"

So it appears in saying privatize/outsource Washington has inadvertently also been saying, Welcome hackers. Just as Trump opened the door to the coronavirus, with Trump at the helm this massive intelligence breach likely was made easier.


‘This is not ‘espionage as usual,’ even in the digital age.’

By Jay Peters @jaypeters Dec 17, 2020, 9:06pm EST


Microsoft president Brad Smith warned that the wide-ranging hack .. https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/ .. of the SolarWinds’ Orion IT software is “ongoing,” and that investigations reveal “an attack that is remarkable for its scope, sophistication and impact.” The breach targeted .. https://www.theverge.com/2020/12/13/22173035/hackers-russia-breached-us-government-agencies-email-cozy-bear .. several US government agencies and is believed to have been carried out by Russian nation-state hackers.

Smith characterized the hack as “a moment of reckoning” and laid out in no uncertain terms just how large and how dangerous Microsoft believes the hack to be. It “represents an act of recklessness that created a serious technological vulnerability for the United States and the world,” Smith argues.

He believes that it “is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency.” Though the post stops short of explicitly accusing Russia, the implication is very clear. “The weeks ahead will provide mounting and we believe indisputable evidence about the source of these recent attacks,” according to Smith.

To illustrate just how far-reaching the hack was, Smith included a map that used telemetry taken from Microsoft’s Defender Anti-Virus software to show people who had installed versions of the Orion software that contained malware from the hackers.


A map showing customers affected by the malware in SolarWinds’ Orion. Image: Microsoft

Microsoft has also been working this week to notify “more than 40 customers that the attackers targeted more precisely and compromised through additional and sophisticated measures,” according to Smith. Approximately 80 percent of those customers are located in the US, but Microsoft also identified victims in Canada, Mexico, Belgium, Spain, the UK, Israel, and the UAE. “It’s certain that the number and location of victims will keep growing,” Smith said.

Investigations into the hack are ongoing. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) issued a joint statement on Wednesday .. https://www.dni.gov/index.php/newsroom/press-releases/item/2175-joint-statement-by-the-federal-bureau-of-investigation-fbi-the-cybersecurity-and-infrastructure-security-agency-cisa-and-the-office-of-the-director-of-national-intelligence-odni .. to say that they were coordinating a “whole-of-government response to this significant cyber incident.” And Smith warned that “we should all be prepared for stories about additional victims in the public sector and other enterprises and organizations.”

Earlier on Thursday, Reuters reported .. https://www.reuters.com/article/us-usa-cyber-breach/suspected-russian-hacking-spree-used-another-major-tech-supplier-sources-idUSKBN28R2ZJ?il=0 .. that Microsoft had been hacked as part of the breach and that “it also had its own products leveraged to further the attacks on others.” But Microsoft denied that claim in a statement to The Verge:

"Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others."

Microsoft has been responding to the hack since December 13th .. https://blogs.microsoft.com/on-the-issues/2020/12/13/customers-protect-nation-state-cyberattacks/ , including blocking versions of SolarWinds Orion .. https://www.microsoft.com/security/blog/2020/12/15/ensuring-customers-are-protected-from-solorigate/ .. that contained the malware. Microsoft and a coalition of tech companies also seized control of a domain that played a key role in the SolarWinds breach, ZDNet reported .. https://www.zdnet.com/article/microsoft-and-industry-partners-seize-key-domain-used-in-solarwinds-hack/ .

SolarWinds has also taken the step .. https://www.theverge.com/2020/12/15/22176053/solarwinds-hack-client-list-russia-orion-it-compromised .. of hiding a list of high-profile clients from its website, perhaps to protect them from negative publicity. The list included more than 425 of the companies on the Fortune 500.

As for Microsoft, Smith used his post to call for a more organized, communal response against cyberattacks, both at a government level and amongst private institutions. “We need a more effective national and global strategy to protect against cyberattacks,” he writes. Microsoft is also looking for “stronger steps to hold nation-states accountable for cyberattacks.”

Related

Hackers backed by Russian government reportedly breached US government agencies
https://www.theverge.com/2020/12/13/22173035/hackers-russia-breached-us-government-agencies-email-cozy-bear

SolarWinds hides list of high-profile customers after devastating hack
https://www.theverge.com/2020/12/15/22176053/solarwinds-hack-client-list-russia-orion-it-compromised

https://www.theverge.com/2020/12/17/22188060/microsoft-president-solarwinds-orion-hack-breach-brad-smith

To link

Was it a directive by Putin given to Trump that caused him to respond with this nonsense?
Trump downplays impact of hack, questions whether Russia involved
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=160337678

See also:

A Big Change in NSA Spying Marks a Win for American Privacy
.. one more to help root understanding of the welcome NSA step ..
Andy Greenberg Security 04.28.17. 5:45 pm
[...]
“NSA will no longer collect certain internet communications that merely mention a foreign intelligence target,” reads a statement .. https://www.nsa.gov/news-features/press-room/press-releases/2017/nsa-stops-certain-702-activites.shtml .. from the agency. “Instead, NSA will limit such collection to internet communications that are sent directly to or from a foreign target.
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=130944660

The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say) .. a little more here ..
By James Bamford 03.15.12

The spring air in the small, sand-dusted town has a soft haze to it, and clumps of green-gray sagebrush rustle in the breeze. Bluffdale sits in a bowl-shaped valley in the shadow of Utah’s Wasatch Range .. http://en.wikipedia.org/wiki/Wasatch_Range .. to the east and the Oquirrh Mountains .. http://en.wikipedia.org/wiki/Oquirrh_Mountains .. to the west. It’s the heart of Mormon country, where religious pioneers first arrived more than 160 years ago. They came to escape the rest of the world, to understand the mysterious words sent down from their god as revealed on buried golden plates, and to practice what has become known as “the principle,” marriage to multiple wives.
[...]
The NSA’S SPY NETWORK .. another one ..
Once it’s operational, the Utah Data Center will become, in effect, the NSA’s cloud. The center will be fed data collected by the agency’s eavesdropping satellites, overseas listening posts, and secret monitoring rooms in telecom facilities throughout the US. All that data will then be accessible to the NSA’s code breakers, data-miners, China analysts, counterterrorism specialists, and others working at its Fort Meade headquarters and around the world. Here’s how the data center appears to fit into the NSA’s global puzzle.—J.B.
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=89272544



It was Plato who said, “He, O men, is the wisest, who like Socrates, knows that his wisdom is in truth worth nothing”
