Most Read
Image 01 Image 02 Image 03

Russia’s Foreign Intelligence Service Suspected of Hacking U.S. Treasury, Commerce, Other Departments

Russia’s Foreign Intelligence Service Suspected of Hacking U.S. Treasury, Commerce, Other Departments

“This is a much bigger story than one single agency. This is a huge cyber espionage campaign targeting the U.S. government and its interests.”

https://www.youtube.com/watch?v=lJdtKuZPxaM

Officials suspect a hacking group that works for the SVR, the Russian foreign intelligence service, breached many U.S. federal departments, including Treasury and Commerce’s National Telecommunications and Information Administration (NTIA).

From The Washington Post:

The FBI is investigating the campaign by a hacking group working for the Russian foreign intelligence service, SVR. The breaches have been taking place for months and may amount to an operation as long-running and significant as one that occurred in 2014-2015.

The group, known among private-sector security firms as APT29 or Cozy Bear, also hacked the State Department and the White House during the Obama administration.

All of the organizations were breached through a network management system called Solar Winds, according to three people familiar with the matter, who spoke on condition of anonymity because of the issue’s sensitivity. Solar Winds could not immediately be reached for comment.

It is not clear what information was accessed from the government agencies.

Reuters reported that “SolarWinds said software updates it released in March and June of this year may have been surreptitiously tampered with in a ‘highly-sophisticated, targeted and manual supply chain attack by a nation state.'”

Two people told Reuters that these breaches have a connection “to a broad campaign that also involved the recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts.”

The White House and Commerce Department confirmed the hacks:

“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said National Security Council spokesman John Ullyot.

The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter.

The Commerce Department confirmed there was a breach at one of its agencies in a statement. “We have asked the Cybersecurity and Infrastructure Security Agency and the FBI to investigate, and we cannot comment further at this time.”

As noted above, this same group hacked the State Department and the White House when President Barack Obama sat in the White House.

It is obviously not going to stop. Sources said the group “broke into the NTIA’s office software, Microsoft’s Office 365.” These people also said the hackers “monitored” staff emails for months:

“This is a much bigger story than one single agency,” said one of the people familiar with the matter. “This is a huge cyber espionage campaign targeting the U.S. government and its interests.”

A Microsoft spokesperson did not immediately respond to a request for comment. Neither did a spokesman for the Treasury Department.

The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.

“This is a nation state,” said a different person briefed on the matter.

We do not know all of the specifics. The investigation is still in the early stages. The FBI and “a range of federal agencies” are taking part in the investigation.

DONATE

Donations tax deductible
to the full extent allowed by law.

Comments

Wait, let me guess… This is all Trump’s fault, right media?

“The group, known among private-sector security firms as APT29 or Cozy Bear, also hacked the State Department and the White House during the Obama administration.”

What did the allegedly mentally ill Adam Schiff(D-CA28) know, when did he know it, and why, as the ranking member on the House Intelligence Committee, has he not done anything to stop it?

RESIGN NOW.

So in other words its as actually Democrats who did it??? Since its hard to tell Democrats apart from the enemies of America these days.

And exactly how do we know it’s the Russians?

The FBI told us?

Crowdstrike?

Again?

Scott Adams says it’s China, and via Solarwind had root access to running Dominion voting software.

Also all of Google went down this morning at once to remove all traces of Solarwind products that they were using.

    MattMusson in reply to rhhardin. | December 14, 2020 at 10:53 am

    And, YouTube.

    notamemberofanyorganizedpolicital in reply to rhhardin. | December 14, 2020 at 12:37 pm

    REVEALED: SolarWinds Director Sold $45.7 MILLION in Stock Options Last Week Before CISA Announcement Sunday

    BREAKING BOMBSHELL: MI Judge Grants Attorney Matt DePerno Permission To RELEASE Results Of Forensic Examination On 16 Dominion Voting Machines In Antrim Co. [VIDEO]

    BREAKING: Antrim Co. Forensic Report BOMBSHELL Reveals Dominion Machines Were Set At 68.05% Error Rate…Meaning 68.05% Of Ballots Could Be Sent Out For Mass Adjudication, Giving Individuals Or Machines Ability To Change 68.05% Of Votes

    Another EO issued by President Trump related to Christmas Eve. This year the President is giving all US government employees Christmas Eve off as a holiday. This holiday went to all employees of the government except those related to “National Security, Defense or other public need.” This also makes the holiday weekend a four-day weekend instead of three.

    Gateway pundit

    Didn’t Powell say that China sent Dominion $400 million just weeks before the US election.

The bigger story is that Dominion Voting machines use the same Solarwinds software that contains a back door and allowed the hacking of the U.S government computers.

https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

Now will Trump invoke the Executive Order on Imposing Certain Sanctions in the Event of Foreign Interference in a United States Election?

Well I would estimate that 99.999% of successful cyber attacks are due to the idiots in the government that use computers daily during their jobs. Someone gets and email, whether to their personal or government accounts, clicks on a link to fix the problem with their Netflix account and reveals their password. Simple and regular training can fix most of these problems but it also takes a GS-7 with more than a bit of smarts. If the baddies get a half-dozen usernames and passwords out of millions of efforts, it’s still a goldmine for them.
The Army did this a while back to the Iranians. They spent maybe a year stealing usernames and passwords then they all went on line at the same time and worked for a half an hour taking down the entire network. Its very effective if stupid people are using the computers.

    MattMusson in reply to American Human. | December 14, 2020 at 12:13 pm

    Putting the Malware into a scheduled release package was unexpected. That’s why it caught everyone. Even the Federal Election Commission Servers were compromised for the last 6 months.

    My father worked for the GSA as a regional contractor. Pretty much every government worked with access to sensitive data gets training on how to not be a moron. Some morons are too dumb to follow it. One time his office got security audited and the auditor dropped packaged/sealed thumb drives on the walkway from their parking lot. They had 7 people plug those thumb drives into the secured computers even though they had just been trained not to less than a month before.

    My school network is CONSTANTLY getting compromised because some teachers are just too foolish to follow basic safety precautions. People have got to be the weakest part of security.

That Antrim County Michigan independent audit report was released this morning. HOLY SMOKES!!!

https://www.scribd.com/document/488080093/Antrim-Michigan-Forensics-Report-121320-PRELIMINARY?secret_password=6tgofj7cUYx1kQwElves#from_embed

I’m going down to Publix now before they run out of popcorn.

In the pre-internet days, government computer networks were all self contained and linked via secure lines. When the internet became publicly available, hackers abounded. The government, being composed of more electronic sheep bought into the myth that open access systems without dedicated, user controlled encryption were safe. Even worse, they have bought into the idea that storing data in a “cloud”, controlled by a third party, is sound computer security. And, it was all done in the name of convenience. Now, some low-level clerk can access sensitive data from his or her cell phone while sipping latte in Starbucks. Primo security.

Of course, we, the citizenry, have no one to blame but ourselves. We allowed this to happen. We allow third parties to have all kinds of sensitive information about us in their possession. And, most of their storage and communication systems are wide open to determined hacking. Even the US government, along with the tech industry went out of its way to crush the personal encryption industry and even attempt to [possibly succeed in] have backdoors installed in programs and systems to allow access to user data.

    “we, the citizenry, have no one to blame but ourselves….”

    This is true, but for another reason. ‘We’ don’t have the time or expertise to oversee government operations: our elected officials do. We elected the scum of the GOP over and over and over. They proved to be…well, they proved to be corrupt scum, and they profited to our horrible detriment. They still do.

solarwind wants us to believe the May/June 2020 software “updates” were the “unintentional” cause of the hack? Not buying it. Also not buying that krebs firing isn’t related. It’s likely krebs is in a lot of trouble now. Did the big exec’s at solarwind sell millions of $$$ of their personal company stock recently? (Yes). This has all been part of a ccp assault on the USA. Everything’s coming out and in record time.

    notamemberofanyorganizedpolicital in reply to CKYoung. | December 14, 2020 at 12:42 pm

    Yes all the dirty rats are going down together.

    REVEALED: SolarWinds Director Sold $45.7 MILLION in Stock Options Last Week Before CISA Announcement Sunday

    Gateway Pundit

So, correct me if I’m wrong.

We do know that there was a vulnerability the person responsible for cybersecurity chose to not reveal and instead to brag about the most secure election “evah”?

We do not know who attacked (and, no, WaPo “anonymous” sources that may or may not exist and may or may not be WaPo “journalists” congregating at the water cooler or in the other location are nothing that inspires confidence in their allegations).

And the WaPo somehow manages to present this as proof that the election is absolutely secure and the Russians that “hacked” the last election this time did not?

Sure, seems totally legit

Stock price: SWI (NYSE) $19.46 -4.10 (-17.40%

SolarWinds Orion is a network monitoring package that allows monitoring of many different IT systems, including the Cloud.

Font Resize
Contrast Mode
Send this to a friend