Russian hack, undetected for months, hit Pentagon & homeland security too

Russian hack, undetected for months, hit Pentagon & homeland security too

WASHINGTON: The scope of a hack engineered by one of Russia’s premier intelligence agencies became clearer on Monday, when some Trump administration officials acknowledged that other federal agencies — the state department, the department of homeland security and parts of the Pentagon — had been compromised. Investigators were struggling to determine the extent to which the military, intelligence community and nuclear labs were affected by the sophisticated attack.
US officials did not detect the attack until recent weeks, and then only when a private cybersecurity firm, FireEye, alerted American intelligence that the hackers had evaded layers of defences.
About 18,000 private and government users downloaded a Russian tainted software update — a Trojan horse of sorts — that gave its hackers a foothold into victims’ systems, according to SolarWinds, the company whose software was compromised. The hack began as early as
March. Among those who use SolarWinds software are the Centers for Disease Control and Prevention, the state department, the justice department and parts of the Pentagon. Los Alamos National Laboratory, where nuclear weapons are designed, also uses SolarWinds products to monitor their networks. So do major defence contractors like Boeing, which declined on Monday to discuss the attack. The department of homeland security issued an obfuscating official statement: “The department is aware of reports of a breach. We are currently investigating the matter.”
Parts of the Pentagon were also affected. “The DOD is aware of the reports and is currently assessing the impact,” said Russell Goemaere, a Pentagon spokesperson. A state department spokesperson declined to comment. The early assessments of the intrusions — believed to be the work of Russia’s SVR, a successor to the KGB — suggest that the hackers were highly selective about which victims they exploited for further access and data theft. NYT

Source From : Times Of India

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *