- Multiple government agencies including the Department of Homeland Security, the Department of State, and parts of the Pentagon have been hacked in a far-reaching attack widely believed to be led by Russia.
- Experts have said the attack was highly advanced, and while the damage is unclear, more agencies are expected to be hit.
- The hack was first discovered last week by the cybersecurity firm FireEye, which later found the attackers had entered government servers undetected this spring, giving them free rein for much of the past year.
- The hackers first infiltrated the systems of the firm SolarWinds, which makes network-management software used by many government agencies and large companies. They later gained access to SolarWinds’ clients by infecting software updates the company sent its customers with malware.
- While the motive is currently unknown, experts have said the recent hack is classic espionage.
Federal Agencies Hacked
At least half a dozen U.S. federal agencies — including several national security-related departments — have been the victims of a highly advanced suspected Russian hack.
The attacks were first reported Sunday when Trump administration officials at the Treasury and Commerce departments confirmed that key networks had been breached and that the hackers had free rein over their email systems.
On Monday, officials in the Homeland Security and State departments, the National Institutes of Health, and parts of the Pentagon also told reporters that they had been hit.
Currently, the extent of the hacks and the damage they have done is unknown, but people close to the matter have said that the number of federal agencies that were attacked is expected to grow.
While the knowledge of these attacks comes at the close of a tumultuous election season, cybersecurity experts involved in the matter have said that the systems were infiltrated months ago. Top U.S. intelligence agencies did not detect the hacks until they were informed of the breaches by FireEye, a third-party cybersecurity company that had also been a target.
FireEye, which is contracted by intelligence agencies and other federal departments to find and patch security holes in networks that could be vulnerable to hackers, reported last week that hackers from a then-unidentified nation-state had entered their systems and stolen their anti-hacking tools.
The company soon found out that the attack expanded far beyond their own systems. In a statement released Sunday, FireEye described a global campaign of victims that included “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.”
FireEye described the hack as incredibly sophisticated and “some of the best operational security” that they had ever seen in a cyberattack. It also noted that the hackers used at least one piece of malware that has never been previously detected.
The cybersecurity firm said that all of the involved organizations had been hit through a supply-chain attack, in which cybercriminals infiltrate a target organization by hacking an outside company whose products are then introduced into the target's computer networks.
In this case, FireEye found that the supply chain attack started with an Austin-based company called SolarWinds that makes and supplies a widely-used network-management software called Orion.
The attackers hacked SolarWinds and manipulated the software updates that the company sends out to its clients whenever there is an upgrade to Orion — much like the notifications your phone or computer sends when it has a software update.
When SolarWinds sent those infected updates to its clients, the hackers were able to gain access to each organization that downloaded the Orion update. Very notably, FireEye also said those software updates were delivered to customers between March and May, meaning that these hackers had free rein over these systems undetected for the better part of a year.
As for how many agencies or companies were impacted, right now, it is not entirely clear. In a federal securities filing Monday, SolarWinds reported that of its more than 300,000 clients, only 33,000 use Orion. Of those 33,000, fewer than 18,000 of its customers may have installed the corrupted software, the company said, though it also added it did not yet know how many systems were actually hacked.
However, other experts say the number is actually much, much lower.
“We think the number who were actually compromised were in the dozens,” Charles Carmakal, a senior vice president at FireEye, told The New York Times. “But they were all the highest-value targets.”
In addition to the other government agencies that have said they were impacted, SolarWinds also contracts with all five branches of the military, the Executive Offices of the President, the Centers for Disease Control and Prevention, and the National Security Agency — which is the world’s top electronic spy agency.
SolarWinds also has other clients all around the world. According to reports, its services are used by almost all Fortune 500 companies, major defense contractors such as Boeing, and the Los Alamos National Laboratory where nuclear weapons are designed.
While it is unclear how many of those organizations used Orion, experts say that might not matter. As The Times reported, investigators have said that the hackers “used multiple entry points in addition to the compromised Orion software update, and that this may be only the beginning of what they find.”
In fact, in its Monday filing, SolarWinds even explicitly said that Microsoft’s Office 365 email may have also been “an attack vector” used by the attackers. In a blog post Sunday, Microsoft said that it has not found any product vulnerabilities in its own investigation of the hacks.
Suspected Russian Involvement
Neither SolarWinds nor FireEye specifically named the Russians, but numerous officials close to the matter have said that their investigation has pointed to a top Russian foreign intelligence agency known as the SVR, often called Cozy Bear or A.P.T. 29.
While the SVR is known as a traditional collector of intelligence, specializing in digital spying, it is not known for the kind of disinformation campaigns that we saw the Russians running in the 2016 election.
As a result, experts have said that this hack was not a campaign intended to undermine the election like last time, but rather to spy on the highest levels of the government.
“This is classic espionage,” Thomas Rid, a political science professor at the Johns Hopkins School of Advanced International Studies who specializes in cybersecurity issues, told The Washington Post. “It’s done in a highly sophisticated way…. But this is a stealthy operation.”
“This so far appears to be classic digital spying of the sort that major nations, including the United States, engage in every day to gain geopolitical edges of various sorts,” The Post added.
“That’s a nine-month stretch that included — to name just a few of the important events that would have created computer files interesting to spies — the worst of the coronavirus pandemic, the historically fast development of vaccines using novel technology, and the U.S. presidential and congressional elections.”
As expected, Russian officials have denied any involvement. In a statement Sunday, the Russian Embassy in Washington called the reports “baseless” and said that Russia “does not conduct offensive operations in the cyber domain.”
Despite this claim, the U.S. intelligence community has extensively documented and verified numerous successful and attempted cyberattacks by Russia in the last several years.
See what others are saying: (The Washington Post) (The New York Times) (Reuters)
Couple Slammed Over Slavery-Themed Pre-Wedding Photoshoot
Many have expressed outrage at the duo for trying to romanticize slavery while others were left completely dumbfounded by the entire ordeal.
Photoshoot Goes Viral
A couple has come under fire after sharing images on Instagram from their slavery-themed pre-wedding photoshoot.
The photos show a Black man in shackles looking deeply into his white fiancée’s eyes before she works to release him.
“1842. Days passed and everything changed, our love got stronger and stronger, he was no longer a slave, he was part of the family,” the post’s caption reads.
To indicate his transition from “slave” to family, a fourth image shows him wearing a long coat and top hat with well-shined shoes, as opposed to the white shirt, trousers, and straw hat he wore in the previous images.
Social Media Users React
It’s not immediately clear who these people are since the social media handle is redacted in the images circulating online.
Still, many have expressed outrage at the duo for trying to romanticize slavery while others were left just completely dumbfounded by this entire ordeal. Some also directed criticism at the photographer who agreed to the shoot, along with the hundreds of Instagram users who liked the original posts.
To see people romanticize this shit is infuriating – these people are too much. There is no such thing as slave consent and the sexual abuse of male slaves was real.— Nurse Elise 🌒 (@EliseRootedMind) July 21, 2021
There were three people there counting the photographer and not one thought should we? And over 1400 people hit the like button? And it’s part 2 like there’s more? I so want to be at the wedding when minister asks if anybody objects.— Randi Pro Democracy (@RandiKinman) July 21, 2021
See what others are saying: (The Daily Dot) (Black Enterprise) (BET)
Couple Whose Gender Reveal Sparked CA Wildfire Hit With 30 Charges, Including Involuntary Manslaughter
The fire, which caused massive damage and took months to extinguish, also killed the head of an elite firefighting team.
Gender Reveal Sparks Deadly Wildfire
A couple whose gender reveal party sparked the El Dorado wildfire in Southern California earlier this year has pleaded not guilty after they were hit with 30 charges, authorities said Tuesday.
Refugio Manuel Jimenez Jr. and Angela Renee Jimenez triggered the fire in Yucaipa on Sept. 5 with a smoke bomb that exploded in especially dry and hot conditions.
By the time the fire was extinguished in November, it had burned over 22,000 acres of land, injured more than a dozen people, forced hundreds of evacuations, and destroyed at least 10 structures.
The blaze also took the life of 39-year-old Charlie Morton, the leader of an elite firefighting team who worked as a firefighter for 18 years.
“He’s fighting a fire that was started because of a smoke bomb. That’s the only reason he’s there,” San Bernardino County District Attorney Jason Anderson said at a news conference.
Charges Include Involuntary Manslaughter
Authorities have charged the couple responsible for the wildfire with one felony count of involuntary manslaughter, three felony counts of recklessly causing a fire with great bodily injury, four felony counts of recklessly causing a fire to inhabited structures, and 22 misdemeanor counts of recklessly causing fire to the property of another.
The charges were filed after a grand jury heard 34 witness interviews over four days. A total of 434 exhibits were ultimately presented to the grand jury, leading to the indictment that was unsealed Tuesday.
After entering their not guilty pleas, the duo was released on their own recognizance until their next scheduled court date. CBS Los Angeles reported that they could face up to 20 years each if convicted as charged.
“You’re obviously dealing with lost lives, you’re dealing with injured lives, and you’re dealing with people’s residences that were burned and their land that was burned. That encompasses a lot of, not only emotion, but damage, both financially and psychologically,” Anderson explained at the press conference.
He also stressed that part of the reason the investigation and ultimate prosecution took so long was because authorities wanted to make sure justice was fully served.
“Given the scope and the impact of the El Dorado Fire on the land and lives of so many, particularly Charles Morton and his family, it was imperative that every investigation be completed within both federal and state agencies to provide a full, fair presentation to the members of our community,” he said.
Los Angeles County Reinstates Indoor Mask Mandate Amid Rising Cases
The renewed restrictions for the nation’s largest county come as coronavirus infections have been spiking across America, with new cases doubling in the last two weeks.
L.A. County Masks Up, Again
Starting Saturday, Los Angeles County will require people to wear face masks indoors again regardless of vaccination status as the nation’s most populous county grapples with a surge of COVID-19 cases.
In a press conference Thursday, L.A. County health officials pointed to low vaccination rates, a steady climb in new infections, and the rapid spread of the highly transmissible delta variant as driving factors behind the decision.
“We’re not where we need to be for the millions at risk of infection here in Los Angeles County, and waiting to do something will be too late given what we’re seeing now,” county Health Officer Dr. Muntu Davis said. “This is an all-hands-on-deck moment.”
Without providing full details, Davis said there would be some exceptions to the restrictions, including people being allowed to take off their masks while eating and drinking at restaurants.
The move comes as community transmission in the county has skyrocketed since June 15, when California reopened its economy and ended capacity limits, along with social distancing guidelines.
For the week-long period ending on that date, L.A. County had averaged 173 new coronavirus cases a day. Exactly one month later, those numbers have increased by nearly 580%, with the county reporting an average of 1,176 infections a day for the seven-day period ending July 15.
On Thursday, officials logged over 1,537 more cases — the highest figure since early March. Around 70% of COVID samples in the county from June 27 to July 3 were identified as delta variants.
Notably, the vast majority of those impacted have not been vaccinated against the coronavirus. According to reports, between Dec. 7 and June 7, unvaccinated people made up 99.6% of L.A. County’s COVID cases, 98.7% of hospitalizations, and 99.8% of deaths.
Only five million of the more than 10 million residents in the county have been inoculated against the virus.
Cases Surge Across U.S.
L.A. County is not the only locality that has seen a spike in COVID cases, though it is one of the few that has taken firm action.
New cases largely driven by the delta variant, which the Centers for Disease Control and Prevention says now accounts for nearly 60% of all infections in the U.S., have more than doubled in the last two weeks, according to The New York Times tracker.
The 14-day average has risen dramatically from 12,799 on July 1 to 28,315 on July 15.
According to The Times, 49 states have seen at least a 15% increase over the past 14 days, and 19 of those states are reporting double or more the number of new infections. Full outbreaks, largely concentrated in the South, have emerged in a number of states with low vaccination rates.
In the last two weeks, Arkansas, which is currently reporting the highest per capita COVID cases in America, has seen increases of 120% for new cases and 77% for hospitalizations. Florida and Tennessee have seen the most significant 14-day spikes in terms of population percentage, reporting surges of 232% and 373% respectively.
Some states and counties have begun to make additional safety recommendations. Officials in Mississippi, where cases have risen over 70% since July 1, have urged both vaccinated and unvaccinated senior residents to avoid large indoor gatherings.
Health officials in California’s Sacramento and Yolo counties also issued voluntary warnings this week for all residents to wear masks while indoors.
However, it remains to be seen whether more localities will reimpose mandatory requirements or restrictions as cases continue to swell and the delta variant proliferates.
Rising cases in the U.S. and abroad also pose a more long-term threat to global efforts to fight the pandemic. On Thursday, the World Health Organization warned that the influx of new cases in many parts of the world will enhance the likelihood of more severe variants emerging that will be difficult to control with vaccinations.
The WHO also urged wealthier countries like the U.S. — where just over 50% of people are vaccinated despite the existence of supplies for all those eligible — to send more jabs overseas.