On December 13th, a “sophisticated hacking group backed by a foreign government” allegedly carried out a cyber attack and stole information from the U.S. Treasury Department and a U.S. agency responsible for deciding policy around the internet and telecommunications.
This was initially reported by Reuters, citing unnamed sources.
Separately, the Washington Post reported that not only the US Treasury but also the US Department of Commerce and other government agencies had been subjected to a hacker attack.
This was a part of a “global espionage campaign that stretches back months,” and was allegedly carried out by the Russian government.
The report is based on claims by unnamed individuals “familiar with the matter.”
According to the outlet, the Russian hackers behind the attack are APT29 (also allegedly known as Cozy Bear), and they’re allegedly part of the SVR – Russia’s foreign intelligence service.
“The same Russian group hacked the State Department and the White House email servers during the Obama administration,” according to the report, recalling an event that wasn’t backed by any evidence whatsoever.
The FBI is reportedly investigating the campaign, which may have begun as early as spring, and had no comment Sunday. The victims have included government, consulting, technology, telecom, and oil and gas companies in North America, Europe, Asia and the Middle East, according to FireEye.
Notably, FireEye claimed it had been breached itself.
The Russian Embassy in Washington called the reports of Russian hacking “baseless.”
In a statement on Facebook it said, “attacks in the information space contradict” Russian foreign policy and national interests. “Russia does not conduct offensive operations” in the cyber domain.
All of the organizations were breached through the update server of a network management system made by the firm SolarWinds, FireEye said in a blog post.
The federal Cybersecurity and Infrastructure Security Agency issued an alert Sunday warning about an “active exploitation” of the SolarWinds Orion Platform, from versions of the software released in March and June. “CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures,” the alert said.
SolarWinds said in a statement on December 13th that monitoring products it released in March and June of this year may have been surreptitiously weaponized in a “highly-sophisticated, targeted . . . attack by a nation state.”
The company filed a document on December 14th with the Securities and Exchange Commission saying that “fewer than 18,000” of its more than 300,000 customers may have installed a software patch enabling the Russian attack. It was not clear, the filing said, how many systems were actually hacked.
The corporate filing also said that Microsoft’s Office 365 email may have been “an attack vector” used by the hackers.
SolarWinds products are used by organizations across the world. They include all five branches of the U.S. military, the Pentagon, State Department, Justice Department, NASA, the Executive Office of the President and the National Security Agency, the world’s top electronic spy agency, according to the firm’s website.
Its clients also include the top 10 U.S. telecommunications companies.
“This is a big deal, and given what we now know about where breaches happened, I’m expecting the scope to grow as more logs are reviewed,” said John Scott-Railton, a senior researcher at Citizen Lab at the University of Toronto’s Munk School of Global Affairs and Public Policy. “When an aggressive group like this gets an open sesame to many desirable systems, they are going to use it widely.”
According to Reuters, the situation was so serious that on December 12th it warranted a US National Security Council meeting.
“The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said National Security Council spokesman John Ullyot.
He did not comment on the country or group responsible.
Those were Russian hackers for sure. All logs were saved in Russian since they hacked the system! Russians did it!
They even wore gloves so as to not leave “prints”.
Russian hackers love all that attention)))
According to CNN they already found the GRU cyber HQ inside an Internet cafe, Putin’s passport and empty vodka bottles were recovered… Navalny is on his way to Pentagon to plan the final assault on Moscow, WWIII imminent…be very afraid….
ah ….. the empty vodka bottles ………. :P
Joke aside, if it was really hacked, only 3 culprits are realistic: the CIA, Mossad or the Chinese.
Not even the Chinese, it was the CIA or Mossad for sure. You need to remember that you are dealing with people in Washington that don’t care not even the 0.0000000001 percent for their citizens, same people that destroyed the empire state and blame it on a pseudo foreign aggression, straight from the magical world of Walt Disney.
When in doubt just blame Russia, it’s a well worked practice.
pfffffffft
https://uploads.disquscdn.com/images/7abfaec7207bd18a1d03ec480056fae7aceabe40d6798c2a759f4cf8af6875a9.jpg https://www.thegatewaypundit.com/2020/12/breaking-nevada-gop-electors-cast-ballot-trump-now-dueling-electors-three-states-video/
Depending on how this plays out. It is potentially enough to flip the election.
Well within their constitutional right. I wasn’t expecting faithless electors but here we are.
On December 13th, a “sophisticated hacking group backed by a NSA” succeeded in hacking Hillary Clinton’s Toilet Computer.
NSA burger flippers obsessed w porn sites sell info to danish junkies for heroin then give to Russian mafia