{"id":133779,"date":"2020-12-15T08:37:23","date_gmt":"2020-12-15T05:37:23","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/russian-hackers-hit-dhs-dod-nih-state-department\/"},"modified":"2020-12-15T08:37:23","modified_gmt":"2020-12-15T05:37:23","slug":"russian-hackers-hit-dhs-dod-nih-state-department","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/russian-hackers-hit-dhs-dod-nih-state-department\/","title":{"rendered":"#Russian hackers hit DHS, DoD, NIH, State Department"},"content":{"rendered":"

#Russian hackers hit DHS, DoD, NIH, State Department<\/strong>”
\n<\/p>\n

\n

LONDON\/WASHINGTON \u2014 The US Department of Homeland Security and thousands of businesses scrambled Monday to investigate and respond to a sweeping\u00a0hacking campaign that officials suspect was directed by the Russian government.<\/p>\n

Emails sent by officials at DHS, which oversees border security and defense against\u00a0hacking, were monitored by the\u00a0hackers as part of the sophisticated series<\/a> of breaches, three people familiar with the matter told Reuters Monday.<\/p>\n

The attacks, first revealed by Reuters Sunday, also hit the U.S. departments of Treasury and Commerce. Parts of the Defense Department were breached, the New York Times reported late Monday night, while the Washington Post reported that the State Department and National Institutes of Health were\u00a0hacked. Neither of them commented to Reuters.<\/p>\n

\u201cFor operational security reasons the DoD will not comment on specific mitigation measures or specify systems that may have been impacted,\u201d a Pentagon spokesman said.<\/p>\n

Technology<\/a> company SolarWinds, which was the key steppingstone used by the\u00a0hackers, said up to 18,000 of its customers had download<\/a>ed a compromised software update that allowed\u00a0hackers to spy unnoticed on businesses and agencies for almost nine months.<\/p>\n

The United States issued an emergency warning on Sunday, ordering government users to disconnect SolarWinds software which it said had been compromised by \u201cmalicious actors.\u201d<\/p>\n

That warning came after Reuters reported suspected Russian\u00a0hackers had used hijacked SolarWinds software updates to break into multiple American government agencies. Moscow denied having any connection to the attacks.<\/p>\n

One of the people familiar with the\u00a0hacking campaign said the critical network that DHS\u2019 cybersecurity division uses to protect infrastructure, including the recent elections, had not been breached.<\/p>\n

DHS said it was aware of the reports, without directly confirming them or saying how badly it was affected.<\/p>\n

DHS is a massive bureaucracy among other things responsible for securing the distribution of the COVID-19 vaccine.<\/p>\n

The cybersecurity unit there, known as CISA, has been upended by President Donald Trump\u2019s firing of head Chris Krebs after Krebs called the presidential election the most secure in American history. His deputy and the elections chief have also left.<\/p>\n

SolarWinds said in a regulatory disclosure it believed the attack was the work of an \u201coutside nation state\u201d that inserted malicious code into updates of its Orion network management software issued between March and June this year.<\/p>\n

\u201cSolarWinds currently believes the actual number of customers that may have had an installation of the Orion products that contained this vulnerability to be fewer than 18,000,\u201d it said.<\/p>\n

The company did not respond to requests for comment about the exact number of compromised customers or the extent of any breaches at those organizations.<\/p>\n

It said it was not aware of vulnerabilities in any of its other products and it was now investigating with help from U.S. law enforcement and outside cybersecurity experts.<\/p>\n

SolarWinds boasts 300,000 customers globally, including the majority of the United States\u2019 Fortune 500 companies and some of the most sensitive parts of the U.S. and British governments \u2013 such as the White House, defense departments and both countries\u2019 signals intelligence agencies.<\/p>\n

Because the attackers could use SolarWinds to get inside a network and then create a new backdoor, merely disconnecting the network management program is not enough to boot the\u00a0hackers out, experts said.<\/p>\n

For that reason, thousands of customers are looking for signs of the\u00a0hackers\u2019 presence and trying to hunt down and disable those extra tools.<\/p>\n

Investigators around the world are now scrambling to find out who was hit.<\/p>\n

A British government spokesman said the United Kingdom was not currently aware of any impact from the\u00a0hack\u00a0but was still investigating.<\/p>\n

Three people familiar with the investigation into the\u00a0hack\u00a0told Reuters that any organization running a compromised version of the Orion software would have had a \u201cbackdoor\u201d installed in their computer systems by the attackers.<\/p>\n

\u201cAfter that, it\u2019s just a question of whether the attackers decide to exploit that access further,\u201d said one of the sources.<\/p>\n

Early indications suggest that the\u00a0hackers were discriminating about who they chose to break into, according to two people familiar with the wave of corporate cybersecurity investigations being launched Monday morning.<\/p>\n

\u201cWhat we see is far fewer than all the possibilities,\u201d said one person. \u201cThey are using this like a scalpel.\u201d<\/p>\n

FireEye, a prominent cybersecurity company that was breached in connection with the incident, said in a blog post that other targets included \u201cgovernment, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.\u201d<\/p>\n

\u201cIf it is cyber espionage, then it one of the most effective cyber espionage campaigns we\u2019ve seen in quite some time,\u201d said John Hultquist, FireEye\u2019s director of intelligence analysis.\n <\/p><\/div>\n

If you liked the article, do not forget to share it with your friends. Follow us on\u00a0Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n

\n

For forums sites go to Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n

\n

If you want to read more News<\/a> articles, you can visit our News category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n

Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

“#Russian hackers hit DHS, DoD, NIH, State Department” LONDON\/WASHINGTON \u2014 The US Department of Homeland Security and thousands of businesses scrambled Monday to investigate and respond to a sweeping\u00a0hacking campaign that officials suspect was directed by the Russian government. Emails sent by officials at DHS, which oversees border security and defense against\u00a0hacking, were monitored by…<\/p>\n","protected":false},"author":1,"featured_media":133780,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/nypost.com\/wp-content\/uploads\/sites\/2\/2020\/12\/dhs-1.jpg?quality=90&strip=all&w=1200","fifu_image_alt":"","footnotes":""},"categories":[70897],"tags":[85440,70921,4941,70513],"class_list":["post-133779","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-12-15-20","tag-department-of-homeland-security","tag-donald-trump","tag-hacking"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/133779","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=133779"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/133779\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/133780"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=133779"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=133779"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=133779"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}