Cyber Attack on U.S. Government Computer Systems, Russian Mastermind Suspected

 

 

The computer systems U.S. Treasury Department have been attacked by hackers, and it is the work of Russian hackers working for the Kremlin, reports say.  The hacking has taken place in the Treasury and Commerce departments’ systems.

There is every possibility that this attack has been there for several months before it was detected, say U.S. officials and media reports.

The U.S. government, acknowledging the breach, revealed that investigations are under way for a full assessment.

The hackers are supposed to have broken into the email systems at the Treasury and Commerce departments. However, the full extent of the breach is being assessment amidst fears of the extent of the penetration. The hackers may have penetrated other government departments as well and there is fear that private companies may also be under the radar.

The National Security Council and the Department of Homeland Security provided few details about the cyber attack.

“We have been working closely with our agency partners regarding recently discovered activity on government networks,” said NSC spokesman John Ullyot. “The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation.”

Though the U.S. government has not mentioned Russia or any other party in the attack, Russia’s SVR had been blamed in the cyber attack that had taken place in 2014-15, when unclassified email systems at the State Department, Joint Chiefs of Staff, and the White House.

An emergency directive was called for and all federal civilian agencies were asked to review their computer networks for any signs of the compromise. They were asked to disconnect from all SolarWinds Orion products immediately.

Reports say that the hackers have used a “supply chain attack” method that embeds malicious code into software updates.

“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” CISA’s Acting Director Brandon Wales said in a statement. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners — in the public and private sectors — to assess their exposure to this compromise and to secure their networks against any exploitation.”

SolarWinds, based in Austin, Texas, put out its own statement saying it was aware that its systems were experiencing a “highly sophisticated, manual supply chain attack” on certain versions of its Orion platform software that it had released between March and June of 2020.

“We have been advised this attack was likely conducted by an outside nation-state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack,” the company said.

Kevin Thompson, SolarWinds president and CEO, said in a statement shared with NPR that the company is “acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters. As such, we are limited as to what we can share at this time.”

Russia has denied any involvement in the current cyber attack.

“As for the rest, if there have been attacks for many months, and the Americans could not do anything about it, it is probably not worth immediately groundlessly blaming the Russians. We didn’t have anything to do with it,” Kremlin spokesman Dmitry Peskov said.

 

Source NPR

Photo Pixabay


Follow us on Google news for more updates and News










PLEASE READ THE IMPORTANT DISCLOSURES BELOW.

This content is being provided to you for informational purposes only. The content has been prepared by third parties not affiliated with CWEB Inc, a business. This content and any information contained therein, does not constitute a recommendation by CWEB to buy, sell or hold any security, financial product or instrument referenced in the content. This information neither is, nor should be construed as an offer, or a solicitation of an offer, to buy or sell securities by CWEB Inc. CWEB Inc. does not offer or provide any opinion regarding the nature, potential, value, suitability or profitability of any particular investment or investment strategy, and you shall be fully responsible for any investment decisions you make, and such decisions will be based solely on your evaluation of your financial circumstances, investment objectives, risk tolerance, and liquidity needs.

Unless stated otherwise, the web content provided by the CWEB family of companies is for educational purposes only. The information and tools provided neither are, nor should be construed, as an offer, or a solicitation of an offer, to buy or sell securities by CWEB Inc. or its affiliates. Unless stated otherwise, no information presented constitutes a recommendation by CWEB Inc. or its affiliates to buy, sell or hold any security, financial product or instrument discussed therein or to engage in any specific investment strategy.

Full Disclaimer

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.