Qatar v. Ecuador to kick off FIFA World Cup 2022™ on 20 NovemberRead more Webb Fontaine Announces Launch of Niger National Single Window (NNSW) to Bolster TradeRead more Ethiopia: Loan from United Nations Fund Allows Food and Agriculture Organization (FAO) to Scale Up Fertilizers for Farmers in TigrayRead more How Choosing the Right Printer Helps Small Businesses and Content Creators to Save Time, Maximise Productivity and Achieve GrowthRead more The United States Contributes USD $223 Million to Help World Food Programme (WFP) Save Lives and Stave Off Severe Hunger in South SudanRead more Eritrea: World Breastfeeding WeekRead more Eritrean community festival in Scandinavian countriesRead more IOM: Uptick in Migrants Heading Home as World Rebounds from COVID-19Read more Network International & Infobip to offer WhatsApp for Business Banking Services to Financial Institution Clients across AfricaRead more Ambassador Jacobson Visits Gondar in the Amhara Region to Show Continued U.S. Support for the Humanitarian and Development Needs of EthiopiansRead more

Hackers breach US agencies, Homeland Security a reported target

show caption
Washington is taking seriously the suggestion that a massive cyberattack targeting federal departments may have been orchestrated by a foreign government./AFP
Print Friendly and PDF

Dec 15, 2020 - 05:17 AM

NEW YORK — The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

The Washington Post cited unnamed officials who said that the DHS — which is in charge of protecting the country from attacks both online and off — had been added to a growing list of targets in the attack, including the Treasury and Commerce departments.

A statement from DHS Monday did not confirm the report, saying only that it was “aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response.”

The Cybersecurity and Infrastructure Security Agency (CISA), which is attached to the DHS, on Sunday said it had ordered federal agencies to immediately stop using SolarWinds Orion IT products following reports that hackers had used a recent update to gain access to internal communications.

“We urge all our partners — in the public and private sectors — to assess their exposure to this compromise and to secure their networks,” said CISA Acting Director Brandon Wales.

SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June.

The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defenses had been breached by sophisticated attackers who stole tools used to test customers’ computer systems.

FireEye said it suspected the attack was state-sponsored, and warned it could have affected numerous high profile targets across the globe.

“This campaign may have begun as early as Spring 2020 and is currently ongoing,” FireEye said in a blog post.

Russia involved? 

The content the hackers have sought to steal — and how successful they have been — is not known at this time.

“We believe this is nation-state activity at significant scale, aimed at both the government and private sector,” said IT giant Microsoft, which is also investigating, in a blog post.

While Microsoft refrained from naming a country, several US media pointed the finger at the Russian group “APT29”, also known as “Cozy Bear.”

According to the Washington Post, the group is part of Moscow’s intelligence services, and hacked servers at the State Department and the White House during the Obama administration.

The Russian Embassy in the United States categorically denied the accusations in a statement on Facebook.

Both the public and private sectors must be increasingly on guard against such hacks, warned Hank Schless, senior manager at Lookout, a California-based mobile security company.

“Adversarial nation-states have recognized the value in targeting both sectors, which means neither is safe from the types of attacks that have government resources behind them,” he said.

Matt Walmsley of Vectra, which provides cyberattack detection services from its base in California, agreed.

“Security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where,” he said.

ZONNTECH.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.