SolarWinds hackers stole details from US intelligence agencies
Russian hackers suspected of using SolarWinds and Microsoft software to break into US federal agencies stole information about US intelligence investigations, guidelines on how to punish the Russian people, and the country's response to the coronavirus.
These hackers spread widely after their discovery late last year. US officials have indicted Russia's SVR foreign intelligence service, which denies this activity. However, little is known about the spy's goals and successes.
Some public companies were unwilling to explain their risks, which led to an intense investigation by the US Securities and Exchange Commission.
This movement drew the attention of the authorities for its cover-up and the slowness of its actions. Hackers disrupted the token generation process at SolarWinds, which develops widely used network management software.
The company also took advantage of weaknesses in Microsoft's way of identifying users in Office 365. Use of Microsoft software violates certain goals. But not SolarWinds.
Previously, there were reports that hackers had hacked into the Department of Justice's unclassified network and read emails from the Department of the Treasury, the Department of Commerce and the Department of Homeland Security.
Nine federal agencies were also hacked. Hackers stole the digital certificate used to convince the computer that it could run the software, as well as the source code from Microsoft and other technology companies.
The exposure of the Russian defense problem is the biggest loss. A White House official said President Joe Biden has issued orders to improve the security of federal agencies, including the need for enhanced multi-factor authentication and increased monitoring of work equipment.
Microsoft said in an annual threat assessment report that Russian spies are looking for government documents about sanctions and other policies related to Russia, as well as methods the United States could use to catch Russian hackers.
Kristen Goodwin, chief executive of Microsoft's digital security division, said the company draws its conclusions from the types of customers and accounts it considers targets. "In this case, you can elicit operational objectives from it," she told Reuters.
Others involved in the government's investigation have gone further, saying they see the terms Russians use when searching for US digital files, including "sanctions."
A full description of the attacker's target would be helpful, said Chris Krebs, former director of the Office of Network Security and Infrastructure at the Department of Homeland Security and now a consultant to SolarWinds and other companies.
"If I were a threatened player in the environment, I would have clear goals," he added. "First, I would like valuable information about the government decision-making process. It seems reasonable to have a sanctions policy. Second, understand how the target will react to an attack or negative reaction. I want to know what they know about me so I can improve my career and not get caught."
Over the past few months, Russian hackers who successfully infiltrated US federal agencies in 2020 have tried behind the scenes to infiltrate government networks in the United States and Europe.
The Russian group has hacked several technology companies with previously unreported activities. Hackers have also used new tools and techniques in some of their operations this year.