Connect with us

U.S.

Multiple Government Agencies Targeted by Advanced Russian Hack

Published

1 month ago

on

  • Multiple government agencies including the Department of Homeland Security, the Department of State, and parts of the Pentagon have been hacked in a far-reaching attack widely believed to be led by Russia.
  • Experts have said the attack was highly advanced, and while the damage is unclear, more agencies are expected to be hit.
  • The hack was first discovered last week by the cybersecurity firm FireEye, which later found the attackers had entered government servers undetected this spring, giving them free rein for much of the past year.
  • The hackers first infiltrated the systems of the firm SolarWinds, which makes network-management software used by many government agencies and large companies. They later gained access to SolarWinds’ clients by infecting software updates the company sent its customers with malware.
  • While the motive is currently unknown, experts have said the recent hack is classic espionage.

Federal Agencies Hacked

At least half a dozen U.S. federal agencies — including several national security-related departments — have been the victims of a highly advanced suspected Russian hack. 

The attacks were first reported Sunday when Trump administration officials at the Treasury and Commerce departments confirmed that key networks had been breached and that the hackers had free range of their email systems.

On Monday, officials in the Homeland Security and State departments, the National Institutes of Health, and parts of the Pentagon also told reporters that they had been hit. 

Currently, the extent of the hacks and the damage they have done is unknown, but people close to the matter have said that the number of federal agencies that were attacked is expected to grow.

While the knowledge of these attacks comes at the close of a tumultuous election season, cybersecurity experts involved in the matter have said that the systems were infiltrated months ago. Top U.S. intelligence agencies did not detect the hacks until they were informed of the breaches by FireEye, a third-party cybersecurity company that had also been a target.

FireEye, which is contracted by intelligence agencies and other federal departments to find and patch security holes in networks that could be vulnerable to hackers, reported last week that hackers from a then-unidentified nation-state had entered their systems and stolen their anti-hacking tools.

The company soon found out that the attack expanded far beyond their own systems. In a statement released Sunday, FireEye described a global campaign of victims that included “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.” 

SolarWinds

FireEye described the hack as incredibly sophisticated and “some of the best operational security” that they had ever seen in a cyberattack. It also noted that the hackers used at least one piece of malware that has never been previously detected.

The cybersecurity firm said that all of the involved organizations had been hit through a supply-chain attack, where cybercriminals infiltrate a target organization by hacking outside companies supplying products to the intended target that are then introduced into computer networks.

In this case, FireEye found that the supply chain attack started with an Austin-based company called SolarWinds that makes and supplies a widely-used network-management software called Orion.

The attackers hacked SolarWind and manipulated the software updates that the company sends out to their clients whenever there is an upgrade to Orion — much like the notifications your phone or computer sends when it has a software update.

When SolarWinds sent those infected updates to their clients, the hackers were able to gain access to these organizations when they downloaded the Orion update. Very notably, FireEye also said those software updates were delivered to customers between March and May, meaning that these hackers had free reign over these systems undetected for the better part of a year.

As for how many agencies or companies were impacted, right now, it is not entirely clear. In a federal securities filing Monday, SolarWinds reported that of its more than 300,000 clients, only 33,000 use Orion. Of those 33,000, fewer than 18,000 of its customers may have installed the corrupted software, the company said, though it also added it did not yet know how many systems were actually hacked.

However, other experts say the number is actually much, much lower.

“We think the number who were actually compromised were in the dozens,” Charles Carmakal, a senior vice president at FireEye told The New York Times. “But they were all the highest-value targets.”

In addition to the other government agencies that have said they were impacted, SolarWinds also contracts with all five branches of the military, the Executive Offices of the President, the Centers for Disease Control and Prevention, and the National Security Agency — which is the world’s top electronic spy agency.

SolarWinds also has other clients all around the world. According to reports, its services are used by almost all Fortune 500 companies, major defense contractors such as Boeing, and the Los Alamos National Laboratory where nuclear weapons are designed.

While it is unclear how many of those organizations used Orion, experts say that might not matter. As The Times reported, investigators have said that the hackers “used multiple entry points in addition to the compromised Orion software update, and that this may be only the beginning of what they find.”

In fact, in its Monday filing, SolarWinds even explicitly said that Microsoft’s Office 365 email may have also been “an attack vector” used by the attackers. In a blog post Sunday, Microsoft said that it has not found any product vulnerabilities in its own investigation of the hacks.

Suspected Russian Involvement

Neither SolarWinds nor FireEye specifically named the Russians, but numerous officials close to the matter have said that their investigation has pointed to a top Russian foreign intelligence agency known as the SVR, often called Cozy Bear or A.P.T. 29.

While the SVR is known as a traditional collector of intelligence, specializing in digital spying, it is not known for the kind of disinformation campaigns that we saw the Russians running in the 2016 election.

As a result, experts have said that this hack was not a campaign intended to undermine the election like last time, but rather to spy on the highest levels of the government.

“This is classic espionage,” Thomas Rid, a political science professor at the Johns Hopkins School of Advanced International Studies who specializes in cybersecurity issues told The Washington Post. “It’s done in a highly sophisticated way…. But this is a stealthy operation.”

“This so far appears to be classic digital spying of the sort that major nations, including the United States, engage in every day to gain geopolitical edges of various sorts,” The Post added.

“That’s a nine-month stretch that included — to name just a few of the important events that would have created computer files interesting to spies — the worst of the coronavirus pandemic, the historically fast development of vaccines using novel technology, and the U.S. presidential and congressional elections.”

As expected, Russian officials have denied any involvement. In a statement Sunday, the Russian Embassy in Washington called the reports “baseless” and said that Russia “does not conduct offensive operations in the cyber domain.”

Despite this claim, the U.S. intelligence community has extensively documented and verified numerous successful and attempted cyberattacks by Russia in the last several years. 

See what others are saying: (The Washington Post) (The New York Times) (Reuters)

Related Topics:

U.S.

Florida Cracks Down on “Vaccine Tourism”

Published

2 days ago

on

January 22, 2021

By

  • Florida is now requiring that people show proof of either full-time or part-time residency in the state in order to get vaccinated against COVID-19. 
  • The state has been hit with “vaccine tourism” as many people, predominantly wealthy individuals, fly to the state from other parts of the U.S. and abroad just to get the shot. 
  • So far, nearly 41,000 of the 1.3 million doses administered in Florida went to out-of-staters, though it is unclear if all those people were tourists or if this figure includes some part-time residents.

Florida Requires Proof of Residency

Florida is cracking down on “vaccine tourism” and requiring that people show proof of either full-time or part-time residency in the state in order to get a COVID-19 shot.

Previously the state was allowing anyone 65 and older, including non-residents, to get the vaccine. This resulted in people flying to the Sunshine State from across the U.S. and abroad just for the purpose of receiving it. 

According to state data, nearly 41,000 of the 1.3 million doses Florida has administered have gone to out-of-staters. It is unclear if all these out-of-staters are tourists or if this figure includes some part-time residents. 

Now, people must show a form of identification like a driver’s license or mortgage payment to receive it. Exceptions will be made for healthcare workers. 

Vaccine Supply Continues to Be Limited

Wealthy people in particular were quick to schedule travel plans to Florida for this reason. According to the Wall Street Journal, there was an influx of Canadians booking private jets to Florida. Some were looking to book flights there and back on the same day, leaving just enough time for them to get vaccinated against the coronavirus. 

Meanwhile, people in Florida and across the country are waiting in long lines and struggling to book appointments on glitching websites to get their shots. Vaccine supply continues to be incredibly limited and not everyone in high-risk groups have received them.

Florida Governor Ron DeSantis said this rule is not made to impact snowbirds, people who live in Florida during the winter to escape cold weather up north. 

“They go to doctors here or whatever, that’s fine, DeSantis said, according to CNN. “What we don’t want is tourists, foreigners. We want to put seniors first, but we obviously want to put people that live here first in line.”

See what others are saying: (Wall Street Journal) (CNN) (Travel + Leisure)

Continue Reading

U.S.

Amanda Gorman Wows the Nation With “The Hill We Climb”

Published

3 days ago

on

January 21, 2021

By

  • Amanda Gorman, a 22-year-old poet, impressed the nation when she read “The Hill We Climb” at President Biden’s inauguration, making her the youngest inaugural poet in the nation’s history.
  • Gorman’s said the Jan. 6 attack on the nation’s Capitol inspired her to focus on a message of hope, community, and healing in her poem.
  • Big names like Oprah Winfrey, Anderson Cooper, Barack Obama, and Lin-Manuel Miranda have all praised her work.

Amanda Gorman Becomes Youngest Inaugural Poet

Inaugural poet Amanda Gorman wowed the nation on Wednesday as she spoke of healing, unity, hope, and what it means to be American while reading her poem, “The Hill We Climb.”

At 22-years-old Gorman is the youngest inaugural poet in the nation’s history. Born and raised in Los Angeles, she was the youth poet laureate of Los Angeles in 2014 at the age of 16. She then became the first national youth poet laureate in 2017. 

Now, her books are topping Amazon’s Best Sellers list and they are not even scheduled to be released until the fall.

First Lady Dr. Jill Biden became a fan of Gorman after watching her give a reading at the Library of Congress. She then suggested that Gorman be a part of the ceremony. 

“Let the globe, if nothing else, say this is true: That even as we grieved, we grew. That even as we hurt, we hoped That even as we tired, we tried,” Gorman recited during inauguration. “That we’ll forever be tied together, victorious. Not because we will never again know defeat but because we will never again sow division.”

Like President Biden, Gorman has struggled with a speech impediment and has been open about her experience overcoming it. She actually used poetry as a tool to correct it. First, she used it as a way of expressing herself without having to speak. Then she used it to bring her poems to life.

“Once I arrived at the point in my life in high school, where I said, ‘you know what? Writing my poems on the page isn’t enough for me,” she told CBS News. “I have to give them breath, and life, I have to perform them as I am.’ That was the moment that I was able to grow past my speech impediment.”

What Inspired “The Hill We Climb”

Gorman said the inaugural committee gave her freedom and flexibility when it came to choosing what to write about. She was well on her way before the Jan. 6 attack on the U.S. Capitol. Those events then influenced her writing. 

“It energized me even more to believe that much more firmly in a message of hope, community and healing. I felt like that was the type of poem that I needed to write and it was the type of poem that the country and the world needed to hear,” she told CNN’s Anderson Cooper.  

That message came across clearly and the insurrection was depicted in part of “The Hill We Climb.”

“It’s because being American is more than a pride we inherit. It’s the past we step into and how we repair it. We’ve seen a force that would shatter our nation rather than share it, would destroy our country if it meant delaying democracy and this effort very nearly succeeded,” she said. “But while democracy can be periodically delayed it can never be permanently defeated. In this truth, in this faith we trust. For while we have our eyes on the future history has its eyes on us.”

Nation Impressed by Gorman

“Wow…Wow, I just, wow you’re awesome,” Cooper said when closing his interview with her. “I am so transfixed.” 

Lin-Manuel Miranda also cheered Gorman on. “The Hill We Climb” notably references a line of scripture that appears in a “Hamilton” song. Gorman also said she used to sing the song “Aaron Burr, Sir” to help her say her R sounds and correct her speech impediment. 

“I have never been prouder to see another young woman rise!” Oprah Winfrey wrote. “Brava Brava Amanda Gorman! Maya Angelou is cheering—and so am I.”

Winfrey also gave Gorman a ring with a caged bird on it—a reference to the famous Angelou poem— which Gorman wore during the inauguration. 

Actor Mark Ruffalo joined the onslaught of praise, saying that her words will lead the nation. 

Former President Barack Obama echoed that idea as well, and former Secretary of State Hillary Clinton said Gorman promised to run for president one day. 

See what others are saying: (CBS News) (New York Times) (Los Angeles Times)

Continue Reading

U.S.

SAT Drops Subject Tests and Optional Essay Section

Published

5 days ago

on

January 19, 2021

By

  • The College Board will discontinue SAT subject tests effective immediately and will scrap the optional essay section in June. 
  • The organization cited the coronavirus pandemic as part of the reason for accelerating these changes.
  • Regarding subject tests, the College Board said the other half of the decision rested on the fact that Advanced Placement tests are now more accessible to low-income students and students of color, making subject tests unnecessary. 
  • It also said it plans to launch a digital version of the SAT in the near future, despite failing to implement such a plan last year after a previous announcement.

College Board Ends Subject Tests and Optional Essay

College Board announced Tuesday that it will scrap the SAT’s optional essay section, as well as subject tests.

Officials at the organization cited the COVID-19 pandemic as part of the reason for these changes, saying is has “accelerated a process already underway at the College Board to simplify our work and reduce demands on students.”

The decision was also made in part because Advanced Placement tests, which College Board also administers, are now available to more low-income students and students of color. Thus, College Board has said this makes SAT subject tests unnecessary. 

While subject tests will be phased out for international students, they have been discontinued effective immediately in the U.S. 

Regarding the optional essay, College Board said high school students are now able to express their writing skills in a variety of ways, a factor which has made the essay section less necessary.

With several exceptions, it will be discontinued in June.

The Board Will Implement an Online SAT Test

In its announcement, College Board also said it plans to launch a revised version of the SAT that’s aimed at making it “more flexible” and “streamlined” for students to take the test online.

In April 2020, College Board announced it would be launching a digital SAT test in the fall if schools didn’t reopen. The College Board then backtracked on its plans for a digital test in June, before many schools even decided they would remain closed.

According to College Board, technological challenges led to the decision to postpone that plan.

For now, no other details about the current plan have been released, though more are expected to be revealed in April. 

See what others are saying: (The Washington Post) (NPR) (The New York Times)

Continue Reading