Russian hackers hit US government using widespread supply chain attack

reader comments

10 with 8 posters participating

Russian hackers have breached networks belonging to the US government and private organizations worldwide in a widespread espionage campaign that uses the global software supply chain to infect targets.

The US Treasury and Commerce departments are among the US government agencies hit in an operation that multiple news outlets, citing people familiar with the matter, said was led by Cozy Bear, a hacking group believed to be part of the Russian Federal Security Service or FSB. Word of attacks arrived on Sunday, five days after FireEye, the $3.5 billion security company, said on Tuesday it had been hacked by a nation state.

On Sunday night, FireEye said the attackers were infecting targets using Orion, a widely used business software app from SolarWinds. After taking control of the Orion update mechanism, the attackers were using it to install a backdoor that FireEye researchers are calling Sunburst.

wrote. “The victims have included government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East. We anticipate there are additional victims in other countries and verticals. FireEye has notified all entities we are aware of being affected.”

After using the Orion update mechanism to gain a foothold on targeted networks, Microsoft said in its own post, the attackers are stealing signing certificates that allow them to impersonate any of a target’s existing users and accounts, including highly privileged accounts.

In a separate post FireEye said it has

Continue reading – Article source

Similar Posts:

• All About Webmail
• Applying Eyelash Serum 101: How to Use Eyelash Serum Properly
• The Comforting Comeback of the Bathhouse
• Rubber Car Floor Mats
• Amazing Benefits of Webhosting