Digital Assets: Hackers, Suspected Of Russian Origin, Breach The U.S. Treasury
The FBI is investigating Cozy Bear, a group working for the Russian foreign intelligence service.
According to a Reuters report, hackers infiltrated departments in the U.S. government and read their emails. The criminals are presumably working for Russia, and the attack could have much wider repercussions, Reuters’ sources said.
The bad actors targeted the U.S. Treasury and Commerce Department’s National Telecommunications and Information Administration (NTIA).
President Trump fired Christopher Krebs, the nation’s top cybersecurity official, about a month ago.
Serious breach, engineered presumably by Russian affiliates
The ramifications of the hack attack were serious enough to warrant a meeting of the National Security Council at the White House on Saturday.
CNBC said the White House confirmed the breach.
“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” National Security Council spokesman John Ullyot said in an email to CNBC.
A Department of Commerce spokesperson also confirmed the hack.
“We can confirm there has been a breach in one of our bureaus. We have asked CISA and the FBI to investigate, and we cannot comment further at this time,” the person told NBC News.
Though discovered only recently, the attack campaign probably commenced in the summer, according to a senior U.S. official.
Modus operandi – “supply chain attack”
People familiar with the matter told Reuters that the attackers gained entry by hiding malicious code inside software updates provided by IT company SolarWinds.
The company said Sunday that certain updates it had released between March and June this year had been compromised by a “highly-sophisticated, targeted and manual supply chain attack by a nation-state.”
The NTIA cyber attack used the Microsoft Office 365 platform. One person said the attack was able to get past the platform’s authentication controls. Another said: “This is a nation-state.”
SolarWinds serves the entire gamut of government, with customers in the military, intelligence, and the executive branch.
The attack and the expanse of the company’s clientele have raised fears that more U.S. Government agencies could turn out to be victims.
According to the Washington Post, the attackers were the Cozy Bear group. This outfit allegedly works for the Russian foreign intelligence service.
The attack campaign is believed to be the same one that recently infiltrated top cybersecurity firm FireEye (NASDAQ: FEYE).