- Multiple government agencies including the Department of Homeland Security, the Department of State, and parts of the Pentagon have been hacked in a far-reaching attack widely believed to be led by Russia.
- Experts have said the attack was highly advanced, and while the damage is unclear, more agencies are expected to be hit.
- The hack was first discovered last week by the cybersecurity firm FireEye, which later found the attackers had entered government servers undetected this spring, giving them free rein for much of the past year.
- The hackers first infiltrated the systems of the firm SolarWinds, which makes network-management software used by many government agencies and large companies. They later gained access to SolarWinds’ clients by infecting software updates the company sent its customers with malware.
- While the motive is currently unknown, experts have said the recent hack is classic espionage.
Federal Agencies Hacked
At least half a dozen U.S. federal agencies — including several national security-related departments — have been the victims of a highly advanced suspected Russian hack.
The attacks were first reported Sunday when Trump administration officials at the Treasury and Commerce departments confirmed that key networks had been breached and that the hackers had free range of their email systems.
On Monday, officials in the Homeland Security and State departments, the National Institutes of Health, and parts of the Pentagon also told reporters that they had been hit.
Currently, the extent of the hacks and the damage they have done is unknown, but people close to the matter have said that the number of federal agencies that were attacked is expected to grow.
While the knowledge of these attacks comes at the close of a tumultuous election season, cybersecurity experts involved in the matter have said that the systems were infiltrated months ago. Top U.S. intelligence agencies did not detect the hacks until they were informed of the breaches by FireEye, a third-party cybersecurity company that had also been a target.
FireEye, which is contracted by intelligence agencies and other federal departments to find and patch security holes in networks that could be vulnerable to hackers, reported last week that hackers from a then-unidentified nation-state had entered their systems and stolen their anti-hacking tools.
The company soon found out that the attack expanded far beyond their own systems. In a statement released Sunday, FireEye described a global campaign of victims that included “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.”
FireEye described the hack as incredibly sophisticated and “some of the best operational security” that they had ever seen in a cyberattack. It also noted that the hackers used at least one piece of malware that has never been previously detected.
The cybersecurity firm said that all of the involved organizations had been hit through a supply-chain attack, where cybercriminals infiltrate a target organization by hacking outside companies supplying products to the intended target that are then introduced into computer networks.
In this case, FireEye found that the supply chain attack started with an Austin-based company called SolarWinds that makes and supplies a widely-used network-management software called Orion.
The attackers hacked SolarWind and manipulated the software updates that the company sends out to their clients whenever there is an upgrade to Orion — much like the notifications your phone or computer sends when it has a software update.
When SolarWinds sent those infected updates to their clients, the hackers were able to gain access to these organizations when they downloaded the Orion update. Very notably, FireEye also said those software updates were delivered to customers between March and May, meaning that these hackers had free reign over these systems undetected for the better part of a year.
As for how many agencies or companies were impacted, right now, it is not entirely clear. In a federal securities filing Monday, SolarWinds reported that of its more than 300,000 clients, only 33,000 use Orion. Of those 33,000, fewer than 18,000 of its customers may have installed the corrupted software, the company said, though it also added it did not yet know how many systems were actually hacked.
However, other experts say the number is actually much, much lower.
“We think the number who were actually compromised were in the dozens,” Charles Carmakal, a senior vice president at FireEye told The New York Times. “But they were all the highest-value targets.”
In addition to the other government agencies that have said they were impacted, SolarWinds also contracts with all five branches of the military, the Executive Offices of the President, the Centers for Disease Control and Prevention, and the National Security Agency — which is the world’s top electronic spy agency.
SolarWinds also has other clients all around the world. According to reports, its services are used by almost all Fortune 500 companies, major defense contractors such as Boeing, and the Los Alamos National Laboratory where nuclear weapons are designed.
While it is unclear how many of those organizations used Orion, experts say that might not matter. As The Times reported, investigators have said that the hackers “used multiple entry points in addition to the compromised Orion software update, and that this may be only the beginning of what they find.”
In fact, in its Monday filing, SolarWinds even explicitly said that Microsoft’s Office 365 email may have also been “an attack vector” used by the attackers. In a blog post Sunday, Microsoft said that it has not found any product vulnerabilities in its own investigation of the hacks.
Suspected Russian Involvement
Neither SolarWinds nor FireEye specifically named the Russians, but numerous officials close to the matter have said that their investigation has pointed to a top Russian foreign intelligence agency known as the SVR, often called Cozy Bear or A.P.T. 29.
While the SVR is known as a traditional collector of intelligence, specializing in digital spying, it is not known for the kind of disinformation campaigns that we saw the Russians running in the 2016 election.
As a result, experts have said that this hack was not a campaign intended to undermine the election like last time, but rather to spy on the highest levels of the government.
“This is classic espionage,” Thomas Rid, a political science professor at the Johns Hopkins School of Advanced International Studies who specializes in cybersecurity issues told The Washington Post. “It’s done in a highly sophisticated way…. But this is a stealthy operation.”
“This so far appears to be classic digital spying of the sort that major nations, including the United States, engage in every day to gain geopolitical edges of various sorts,” The Post added.
“That’s a nine-month stretch that included — to name just a few of the important events that would have created computer files interesting to spies — the worst of the coronavirus pandemic, the historically fast development of vaccines using novel technology, and the U.S. presidential and congressional elections.”
As expected, Russian officials have denied any involvement. In a statement Sunday, the Russian Embassy in Washington called the reports “baseless” and said that Russia “does not conduct offensive operations in the cyber domain.”
Despite this claim, the U.S. intelligence community has extensively documented and verified numerous successful and attempted cyberattacks by Russia in the last several years.
See what others are saying: (The Washington Post) (The New York Times) (Reuters)
Katie Couric Says She Edited Ruth Bader Ginsburg Quote About Athletes Kneeling During National Anthem
Couric said she omitted part of a 2016 interview in order to “protect” the justice.
Kate Couric Edited Quote From Justice Ginsburg
In her upcoming book, journalist Katie Couric admitted to editing a quote from Supreme Court Justice Ruth Bader Ginsberg in 2016 in order to “protect” Ginsberg from potential criticism.
Couric interviewed the late justice for an article in Yahoo News. During their discussion, she asked Ginsburg about her thoughts on athletes like Colin Kaepernick kneeling for the national anthem to protest racial inequality.
“I think it’s really dumb of them,” Ginsburg is quoted saying in the piece. “Would I arrest them for doing it? No. I think it’s dumb and disrespectful. I would have the same answer if you asked me about flag burning. I think it’s a terrible thing to do, but I wouldn’t lock a person up for doing it. I would point out how ridiculous it seems to me to do such an act.”
According to The Daily Mail and The New York Post, which obtained advance copies of Couric’s book “Going There,” there was more to Ginsburg’s response. Couric wrote that she omitted a portion where Ginsburg said the form of protest showed a “contempt for a government that has made it possible for their parents and grandparents to live a decent life…Which they probably could not have lived in the places they came from.“
Couric Says She Lost Sleep Making Choice
“As they became older they realize that this was youthful folly,” Ginsberg reportedly continued. “And that’s why education is important.“
According to The Daily Mail, Couric wrote that the Supreme Court’s head of public affairs sent an email asking to remove comments about kneeling because Ginsburg had misspoken. Couric reportedly added that she felt a need to “protect” the justice, thinking she may not have understood the question. Couric reached out to her friend, New York Times reporter David Brooks, regarding the matter and he allegedly likewise believed she may have been confused by the subject.
Couric also wrote that she was a “big RBG fan” and felt her comments were “unworthy of a crusader for equality.” Because she knew the remarks could land Ginsburg in hot water, she said she “lost a lot of sleep” and felt “conflicted” about whether or not to edit them out.
Couric was trending on Twitter Wednesday and Thursday as people questioned the ethics behind her choice to ultimately cut part of the quote. Some thought the move showed a lack of journalistic integrity while others thought revealing the story now harmed Ginsburg’s legacy.
See what others are saying: (New York Post) (The Daily Mail) (Insider)
Biden Administration Orders ICE To Halt Workplace Raids
The Department of Homeland Security will now focus on targeting employers who exploit undocumented workers, instead of carrying out raids that dissuade those workers from reporting labor violations.
DHS Reverses Worksite Raid Policy
The Biden administration announced Tuesday that it was ordering Immigration and Customs Enforcement (ICE) to stop workplace raids.
The move marks a reversal from Trump administration policies that have been strongly criticized by immigration activists who argue the efforts created fear in immigrant communities and dissuaded them from reporting labor violations or exploitative employment practices.
In addition to stopping the raids, Department of Homeland Security (DHS) Secretary Alejandro Mayorkas said in a memo that the administration will refocus enforcement efforts to instead target “employers who exploit unauthorized workers, conduct illegal activities or impose unsafe working conditions.”
Mayorkas added that the immigration agencies housed in DHS will have the next 60 days to identify harmful existing policies and come up with new ones that provide better deportation protections for workers who report their employers.
In the Tuesday memo, the secretary argued that shift of focus will “reduce the demand for illegal employment by delivering more severe consequences to exploitative employers” and “increase the willingness of workers to report violations of law by exploitative employers and cooperate in employment and labor standards investigation.”
Labor Market Implications
The new policy comes at a time when the U.S. is experiencing a critical labor shortage, including in many sectors that rely on immigrant labor.
Some companies that use undocumented workers pay them wages that are far below the market rate, which is not only exploitative but also undercuts competitors.
According to Mayorkas, the pivot to employer-based enforcement will help protect American businesses.
“By exploiting undocumented workers and paying them substandard wages, the unscrupulous employers create an unfair labor market,” he said in the memo. “They also unfairly drive down their costs and disadvantage their business competitors who abide by the law.”
It is currently unclear how effective the new efforts will be, but historical precedent does not paint an optimistic picture.
The Biden administration’s efforts closely mirror a similar move by the Obama administration, which attempted to reverse workplace raids authorized under President George W. Bush by targetting those who employ undocumented workers rather than the workers themselves.
That effort, however, still led to thousands of undocumented workers being fired.
See what others are saying: (The Washington Post) (The New York Times) (ABC News)
Mom Charged for Hosting Secret Teen Parties, Pressuring Kids To Drink and Engage in Sex Acts
Investigators said some of the sex acts between teens were non-consensual and at times took place while the mother stood by laughing.
Mother Hit With Dozens of Charges
A California mother is facing 39 criminal charges after hosting a series of illegal parties for her teenage son and his mostly 14- and 15-year-old friends that regularly led to dangerous accidents and sexual assaults.
The mother, 47-year-old Shannon O’Connor, also known as Shannon Bruga, is currently awaiting extradition to Santa Clara County. According to The Mercury News, she was arrested Saturday in Ada County, Idaho, where she has a home in addition to her property in Los Gatos that is currently on the market.
Her criminal charges include 12 felony counts and 10 misdemeanor counts of child endangerment, one count of misdemeanor sexual battery, three counts of misdemeanor child molestation, and 13 misdemeanor counts of providing alcohol to minors.
“It took a lot of brave children to come forward and to untangle this deeply disturbing case,” Santa Clara County District Attorney Jeff Rosen said in a press release regarding the case. “As a parent, I’m shocked. As the DA, I’m determined to hold those adults who endanger children fully accountable to the law and our community.”
What Happened During the Parties?
Investigators claim O’Connor organized the functions, attended by as many as 20 teens, via text message and Snapchat. She would then allegedly supply the teens with alcohol and push them to binge drink, often to the point of illness or unconsciousness.
The harm that resulted from their intoxication included one teen breaking a finger and another almost drowning in a hot tub, among other serious situations.
In another instance, O’Connor let an unlicensed drunk teen drive her car. Her son and another one of his friends then hung off the back while it was moving, which caused the friend to fall, hit his head, and become unconscious for 30 seconds. He was later diagnosed with a concussion after spending the night vomiting.
O’Connor is additionally accused of manipulating and encouraging drunk teens to participate in sex acts with one another, which were sometimes non-consensual or carried out while she watched. In some cases, she allegedly laughed while the sexual acts happened or when assault victims asked her why she didn’t step in to help.
Investigators added that O’Connor required teens who attended her parties to keep them a secret. She’s even accused of helping them sneak out of their homes so she could drive them to her events. Authorities said she was found to have bullied at least one teen who she suspected of breaking the secret.
“Everyone should feel relieved this woman’s not on the street,” the parents of one assault victim told The Mercury News. “She was grooming these kids, setting them up for sexual acts, and she’s a mother and doing this to her own child. … I’ve been racking my brain trying to think what was in it for her.“