
Russia’s Foreign Intelligence Service Suspected of Hacking U.S. Treasury, Commerce, Other Departments


“This is a much bigger story than one single agency. This is a huge cyber espionage campaign targeting the U.S. government and its interests.”

https://www.youtube.com/watch?v=lJdtKuZPxaM

Officials suspect a hacking group that works for the SVR, the Russian foreign intelligence service, breached many U.S. federal departments, including Treasury and Commerce’s National Telecommunications and Information Administration (NTIA).

From The Washington Post:

The FBI is investigating the campaign by a hacking group working for the Russian foreign intelligence service, SVR. The breaches have been taking place for months and may amount to an operation as long-running and significant as one that occurred in 2014-2015.

The group, known among private-sector security firms as APT29 or Cozy Bear, also hacked the State Department and the White House during the Obama administration.

All of the organizations were breached through a network management system called Solar Winds, according to three people familiar with the matter, who spoke on condition of anonymity because of the issue’s sensitivity. Solar Winds could not immediately be reached for comment.

It is not clear what information was accessed from the government agencies.

Reuters reported that “SolarWinds said software updates it released in March and June of this year may have been surreptitiously tampered with in a ‘highly-sophisticated, targeted and manual supply chain attack by a nation state.'”

Two people told Reuters that these breaches have a connection “to a broad campaign that also involved the recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts.”

The White House and Commerce Department confirmed the hacks:

“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said National Security Council spokesman John Ullyot.

The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter.

The Commerce Department confirmed there was a breach at one of its agencies in a statement. “We have asked the Cybersecurity and Infrastructure Security Agency and the FBI to investigate, and we cannot comment further at this time.”

As noted above, this same group hacked the State Department and the White House when President Barack Obama sat in the White House.

It is obviously not going to stop. Sources said the group “broke into the NTIA’s office software, Microsoft’s Office 365.” These people also said the hackers “monitored” staff emails for months:

“This is a much bigger story than one single agency,” said one of the people familiar with the matter. “This is a huge cyber espionage campaign targeting the U.S. government and its interests.”

A Microsoft spokesperson did not immediately respond to a request for comment. Neither did a spokesman for the Treasury Department.

The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.

“This is a nation state,” said a different person briefed on the matter.

We do not know all of the specifics. The investigation is still in the early stages. The FBI and “a range of federal agencies” are taking part in the investigation.


Comments

Wait, let me guess… This is all Trump’s fault, right media?

“The group, known among private-sector security firms as APT29 or Cozy Bear, also hacked the State Department and the White House during the Obama administration.”

What did the allegedly mentally ill Adam Schiff (D-CA28) know, when did he know it, and why, as the ranking member on the House Intelligence Committee, has he not done anything to stop it?

RESIGN NOW.

So in other words it was actually Democrats who did it??? Since it’s hard to tell Democrats apart from the enemies of America these days.

And exactly how do we know it’s the Russians?

The FBI told us?

Crowdstrike?

Again?

Scott Adams says it’s China, and via Solarwind had root access to running Dominion voting software.

Also all of Google went down this morning at once to remove all traces of Solarwind products that they were using.

    MattMusson in reply to rhhardin. | December 14, 2020 at 10:53 am

    And, YouTube.

    notamemberofanyorganizedpolicital in reply to rhhardin. | December 14, 2020 at 12:37 pm

    REVEALED: SolarWinds Director Sold $45.7 MILLION in Stock Options Last Week Before CISA Announcement Sunday

    BREAKING BOMBSHELL: MI Judge Grants Attorney Matt DePerno Permission To RELEASE Results Of Forensic Examination On 16 Dominion Voting Machines In Antrim Co. [VIDEO]

    BREAKING: Antrim Co. Forensic Report BOMBSHELL Reveals Dominion Machines Were Set At 68.05% Error Rate…Meaning 68.05% Of Ballots Could Be Sent Out For Mass Adjudication, Giving Individuals Or Machines Ability To Change 68.05% Of Votes

    Another EO issued by President Trump related to Christmas Eve. This year the President is giving all US government employees Christmas Eve off as a holiday. This holiday went to all employees of the government except those related to “National Security, Defense or other public need.” This also makes the holiday weekend a four-day weekend instead of three.

    Gateway pundit

    Didn’t Powell say that China sent Dominion $400 million just weeks before the US election.

The bigger story is that Dominion Voting machines use the same Solarwinds software that contains a back door and allowed the hacking of the U.S government computers.

https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

Now will Trump invoke the Executive Order on Imposing Certain Sanctions in the Event of Foreign Interference in a United States Election?

Well I would estimate that 99.999% of successful cyber attacks are due to the idiots in the government that use computers daily during their jobs. Someone gets an email, whether to their personal or government accounts, clicks on a link to fix the problem with their Netflix account and reveals their password. Simple and regular training can fix most of these problems but it also takes a GS-7 with more than a bit of smarts. If the baddies get a half-dozen usernames and passwords out of millions of efforts, it’s still a goldmine for them.
The Army did this a while back to the Iranians. They spent maybe a year stealing usernames and passwords then they all went online at the same time and worked for a half an hour taking down the entire network. It’s very effective if stupid people are using the computers.

    MattMusson in reply to American Human. | December 14, 2020 at 12:13 pm

    Putting the Malware into a scheduled release package was unexpected. That’s why it caught everyone. Even the Federal Election Commission Servers were compromised for the last 6 months.

    My father worked for the GSA as a regional contractor. Pretty much every government worker with access to sensitive data gets training on how to not be a moron. Some morons are too dumb to follow it. One time his office got security audited and the auditor dropped packaged/sealed thumb drives on the walkway from their parking lot. They had 7 people plug those thumb drives into the secured computers even though they had just been trained not to less than a month before.

    My school network is CONSTANTLY getting compromised because some teachers are just too foolish to follow basic safety precautions. People have got to be the weakest part of security.

That Antrim County Michigan independent audit report was released this morning. HOLY SMOKES!!!

https://www.scribd.com/document/488080093/Antrim-Michigan-Forensics-Report-121320-PRELIMINARY?secret_password=6tgofj7cUYx1kQwElves#from_embed

I’m going down to Publix now before they run out of popcorn.

In the pre-internet days, government computer networks were all self contained and linked via secure lines. When the internet became publicly available, hackers abounded. The government, being composed of more electronic sheep bought into the myth that open access systems without dedicated, user controlled encryption were safe. Even worse, they have bought into the idea that storing data in a “cloud”, controlled by a third party, is sound computer security. And, it was all done in the name of convenience. Now, some low-level clerk can access sensitive data from his or her cell phone while sipping latte in Starbucks. Primo security.

Of course, we, the citizenry, have no one to blame but ourselves. We allowed this to happen. We allow third parties to have all kinds of sensitive information about us in their possession. And, most of their storage and communication systems are wide open to determined hacking. Even the US government, along with the tech industry went out of its way to crush the personal encryption industry and even attempt to [possibly succeed in] have backdoors installed in programs and systems to allow access to user data.

    “we, the citizenry, have no one to blame but ourselves….”

    This is true, but for another reason. ‘We’ don’t have the time or expertise to oversee government operations: our elected officials do. We elected the scum of the GOP over and over and over. They proved to be…well, they proved to be corrupt scum, and they profited to our horrible detriment. They still do.

SolarWinds wants us to believe the May/June 2020 software “updates” were the “unintentional” cause of the hack? Not buying it. Also not buying that Krebs’ firing isn’t related. It’s likely Krebs is in a lot of trouble now. Did the big execs at SolarWinds sell millions of $$$ of their personal company stock recently? (Yes). This has all been part of a CCP assault on the USA. Everything’s coming out and in record time.

    notamemberofanyorganizedpolicital in reply to CKYoung. | December 14, 2020 at 12:42 pm

    Yes all the dirty rats are going down together.

    REVEALED: SolarWinds Director Sold $45.7 MILLION in Stock Options Last Week Before CISA Announcement Sunday

    Gateway Pundit

So, correct me if I’m wrong.

We do know that there was a vulnerability the person responsible for cybersecurity chose to not reveal and instead to brag about the most secure election “evah”?

We do not know who attacked (and, no, WaPo “anonymous” sources that may or may not exist and may or may not be WaPo “journalists” congregating at the water cooler or in the other location are nothing that inspires confidence in their allegations).

And the WaPo somehow manages to present this as proof that the election is absolutely secure and the Russians that “hacked” the last election this time did not?

Sure, seems totally legit

Stock price: SWI (NYSE) $19.46 -4.10 (-17.40%)

SolarWinds Orion is a network monitoring package that allows monitoring of many different IT systems, including the Cloud.