Skip to main content

FBI, CISA, NSA Officially Blame Russia for Cyber Attacks on Networks of Governments, Companies and NGO Organisations.



The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month.

"This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks," the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA) said in a joint statement.

Russia, however, denied any involvement in the operation on December 13, stating it "does not conduct offensive operations in the cyber domain."

The FBI, CISA, ODNI, and NSA are members of the Cyber Unified Coordination Group (UCG), a newly-formed task force put in place by the White House National Security Council to investigate and lead the response efforts to remediate the SolarWinds breach.

A Much Smaller Number Compromised
Calling the campaign an "intelligence gathering effort," the intelligence bureaus said they are currently working to understand the full scope of the hack while noting that fewer than 10 U.S. government agencies were impacted by the compromise.

The names of the affected agencies were not disclosed, although previous reports have singled out the U.S. Treasury, Commerce, State, and the Departments of Energy and Homeland Security among those that have detected tainted SolarWinds' network management software installations, not to mention a number of private entities across the world.

An estimated 18,000 SolarWinds customers are said to have downloaded the backdoored software update, but the UCG said only a smaller number had been subjected to "follow-on" intrusive activity on their internal networks.

Microsoft's analysis of the Solorigate modus operandi last month found that the second-stage malware, dubbed Teardrop, has been selectively deployed against targets based on intel amassed during an initial reconnaissance of the victim environment for high-value accounts and assets.

The joint statement also confirms previous speculations that linked the espionage operation to APT29 (or Cozy Bear), a group of state-sponsored hackers associated with the Russian Foreign Intelligence Service (SVR).

The hacking campaign was notable for its scale and stealth, with the attackers leveraging the trust associated with SolarWinds Orion software to spy on government agencies and other companies for at least nine months, including viewing source code and stealing security tools, by the time it was discovered.

SolarWinds Faces Class Action Lawsuit
Meanwhile, SolarWinds is facing further fallout after a shareholder of the IT infrastructure management software company filed a class-action lawsuit in the U.S. District Court for the Western District of Texas on Monday against its president, Kevin Thompson, and chief financial officer, J. Barton Kalsu, claiming the executives violated federal securities laws under the Securities Exchange Act of 1934.

The complaint states that SolarWinds failed to disclose that "since mid-2020, SolarWinds Orion monitoring products had a vulnerability that allowed hackers to compromise the server upon which the products ran," and that "SolarWinds' update server had an easily accessible password of 'solarwinds123'," as a result of which the company "would suffer significant reputational harm."


Kindly click here to subscribe for more News and Updates.



THN




#osutayusuf

Comments

Post a Comment

Popular posts from this blog

Vurra Constituency MP Adriko Yovan gets six months imprisonment for failing to repay loan.

📸: Hon Adriko Yovan. Story By Andrew Cohen Amvesi. ARUA . Yovan Adriko, the Vurra County Member of Parliament (MP) in Arua district has been committed to six months civil prison for failing to clear debts amounting to shs55,677,400. Adriko was on Thursday evening sent to Arua government prison to serve six months shortly after his arrest at Slumberland hotel in Arua City. MP Adriko warrant of committal judgement debtor to jail. Paul Mawa of T/A Vitality Associates, the court bailiff assigned to arrest the MP, duped him to come and pick some money for a land transaction at Slumberland hotel where he picked him like a baby after a long hunt. Adriko was immediately arraigned before Her Worship Karungi Leo, the Deputy Registrar of Arua High Court who later committed him to imprisonment not exceeding six months. Part of Adriko’s warrant of arrest issued b court Adriko was sent to the coolers for failing to clear shs48m which is the princip
1 comment
Read more

Arrested Arua City Officials Taken to Kampala this Night.

Wednesday 8-November-2023. 📸: The arrest of Arua City Physical Planner Mr Findru Moses on 6-Nov-2023 at around 2pm. 📸: Mr Jobile Cornelius the City Deputy town clerk who was arrested on 7-Nov-2023 at around 4pm. 📸: Mrs Lillian Aleni (in red cloth) and Mr Edoni Benard being handcuffed by police officer on 6-Nov-2023 at around 6pm. The bail that was to be issued last night 8pm 7-Nov-2023 to release the arrested City Deputy town clerk Mr Jobile Cornelius and CFO Mr Sam Adriko over mismanagement of government properties and monies was canceled, and by this time of the night 11pm, highly placed sources leaked that, all the arrested suspects (Mr Findru Moses the Arua City Physical Planner, Mr Jobile Cornelius the Deputy City clerk, Mr Adriko Sam the CFO, Mr Edoni Benard the PDM BOG Chairperson for Pangisa ward and Mrs Lillian Aleni the parish chief for Pangisa ward) are being transported by State House Anti-corruption Unit officers who will soon be reac
Post a Comment
Read more

Wedded Ayivu West MP Lematia John Fights Over Another Woman.

  📸: Hon Lematia John. By URN. Police in Arua district are investigating a case of assault and threatening violence involving the Member of Parliament for Ayivu West Constituency John Lematia and James Ariko, a DSTV technician in Arua city. Drama ensued on Easter Sunday 31-3-2024 at Dream Land Hotel located at Kuluva trading center along Arua-Nebbi highway in Arua district when the legislator and the technician engaged in a fight reportedly over a woman identified as Faith Eyotaru 25, a relationship officer at Victoria University Kampala. The scuffle started after Ayivu West Mp John Lematia went to swim at Dreamland Hotel with Faith Eyotaru only to find Ariko, who had gone to the same hotel earlier. However, upon seeing the duo coming out of the vehicle, Ariko confronted Lematia with both men claiming to be having a relationship with the lady. It took the intervention of the staff at the hotel who intervened and separated the fight between the men. Josephine Angucia, the West Nile re
Post a Comment
Read more