US agencies call ‘Russian intelligence operation’ suspicious for SolarWinds invasion Altieres Rohr’s blog

US agencies call 'Russian intelligence operation' suspicious for SolarWinds invasion Altieres Rohr's blog

The United States government has published a “joint note” signed by four federal agencies charged to investigate developments in the Solar Winds invasion and for the first time publicly commented on those responsible for the attack.

According to the statement, Executives work with vision The invaders have “Possible Russian origin” And performed “Intelligence gathering”.

The note confirms the allegations published in the US press. Shortly after the case went public on December 13, several publications such as the New York Times and Washington Post said the government suspected Russian involvement.

President Donald Trump also posted on Twitter that China was a potential suspect in the cyber attack and attacked the press for accusations against Russia.

The statement authorizing suspicion against Russia was signed by four federal agencies:

  • Hey FBI, Which acts like the United States Federal Police;
  • National Security Agency (NSA), headed by the military;
  • Office of the Director of National Security (ODNI), which coordinates intelligence agencies in the United States;
  • Infrastructure Security and Cyber ​​Security Agency (CISA), a body created during the Donald Trump administration to coordinate digital security operations.

The text does not mention the government of Russian President Vladimir Putin, leaving open the possibility that another unit may have carried out the attack. The Russian government has already approached the matter and denied any involvement.

Investigators say they believe the number of affected companies was relatively small compared to a universe of 18,000 potential targets.

FireEye revealed that its network had been hacked on 13 December, triggering an action search that reached dozens of institutions and rendered nearly 18,000 networks vulnerable – Photo: Beck Diefenbach / Reuters

SolarWinds makes software used by large companies and government agencies to facilitate monitoring and management of computer networks. Through this system, a company can easily identify areas of the network that are experiencing problems or slowness, for example.

Hackers entered the SolarWinds network and tampered with Orion software, creating a revised update that installed a spy program on about 18,000 company customers who downloaded the sabotage program.

While this code allowed initial access – a “back door” for attack systems – the attackers had to work on each target to move through the network, which the US government believes has happened in some cases .

Companies to be affected include Microsoft, the maker of Windows, and well-known digital security consultant FireEye. It was FireEye that went public about the December 13 attack. A day later, the United States government issued a recommendation that the system be immediately shut down or disconnected with Orion software, confirming that the federal departments were also a hit.

The investigation of the case is still going on. Most targets have not been identified.

Questions about security, hackers and viruses? Send to [email protected]

Tips for your digital security:

5 security tips for your digital life

VIDEOS: See more tips on digital security

Sarah Gracie

About the author: Sarah Gracie

Sarahis a reporter covering Amazon. She previously covered tech and transportation, and she broke stories on Uber's finances, self-driving car program, and cultural crisis. Before that, she covered cybersecurity in finance. Sarah's work has appeared in The Wall Street Journal, Bloomberg, Politico, and the Houston Chronicle.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *