Connect with us

Hi, what are you looking for?

Economy

Suspected Russian hackers spied on US Treasury e-mails — sources

WASHINGTON — Hackers believed to be working for Russia have been monitoring internal e-mail traffic at the US Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg.

The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter.

US officials have not said much publicly beyond the Commerce Department confirming there was a breach at one of its agencies and that they asked the Cybersecurity and Infrastructure Security Agency and the FBI to investigate.

National Security Council spokesman John Ullyot added that they “are taking all necessary steps to identify and remedy any possible issues related to this situation.”

The US government has not publicly identified who might be behind the hacking, but three of the people familiar with the investigation said Russia is currently believed to be responsible for the attack. Two of the people said that the breaches are connected to a broad campaign that also involved the recently disclosed hack on FireEye, a major US cybersecurity company with government and commercial contracts.

In a statement posted to Facebook, the Russian foreign ministry described the allegations as another unfounded attempt by the US media to blame Russia for cyberattacks against US agencies.

The cyber spies are believed to have gotten in by surreptitiously tampering with updates released by IT company SolarWinds, which serves government customers across the executive branch, the military, and the intelligence services, according to two people familiar with the matter. The trick—often referred to as a “supply chain attack”—works by hiding malicious code in the body of legitimate software updates provided to targets by third parties.

In a statement released late Sunday, the Austin, Texas-based company said that updates to its monitoring software released between March and June of this year may have been subverted by what it described as a “highly sophisticated, targeted and manual supply chain attack by a nation-state.”

The company declined to offer any further detail, but the diversity of SolarWind’s customer base has sparked concern within the US intelligence community that other government agencies may be at risk, according to four people briefed on the matter.

SolarWinds says on its website that its customers include most of America’s Fortune 500 companies, the top 10 US telecommunications providers, all five branches of the US military, the State Department, the National Security Agency, and the Office of President of the United States.

‘HUGE CYBER ESPIONAGE CAMPAIGN’

The breach presents a major challenge to the incoming administration of President-elect Joseph R. Biden as officials investigate what information was stolen and try to ascertain what it will be used for. It is not uncommon for large-scale cyber investigations to take months or years to complete.

“This is a much bigger story than one single agency,” said one of the people familiar with the matter. “This is a huge cyber espionage campaign targeting the US government and its interests.”

Hackers broke into the National Telecommunications and Information Administration’s (NTIA) office software, Microsoft’s Office 365. Staff e-mails at the agency were monitored by the hackers for months, sources said.

A Microsoft spokesperson did not respond to a request for comment. Neither did a spokesman for the Treasury Department.

The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.

“This is a nation-state,” said a different person briefed on the matter.

The full scope of the breach is unclear. The investigation is still its early stages and involves a range of federal agencies, including the Federal Bureau of Investigation (FBI), according to three of the people familiar with the matter.

A spokesperson for the Cybersecurity and Infrastructure Security Agency (CISA) said they have been “working closely with our agency partners regarding recently discovered activity on government networks. CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises.”

The FBI and US National Security Agency did not respond to a request for comment.

There is some indication that the e-mail compromise at NTIA dates back to this summer, although it was only recently discovered, according to a senior US official. — Christopher Bing/Reuters

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the daily email that makes reading the news actually enjoyable. Stay informed and entertained, for free.
Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

Latest

Economy

By Jenina P. Ibañez, Senior Reporter PHILIPPINE MANUFACTURING activity rose to an eight-month high in November, as new orders increased for the first time...

Economy

THE NATIONAL Government’s outstanding debt swelled to P11.97 trillion as of the end of October as it offered more domestic securities, preliminary data from...

Economy

MOTORISTS experience heavy traffic along Commonwealth in Quezon City on Wednesday. — PHILIPPINE STAR/ MICHAEL VARCAS BANGKO SENTRAL ng Pilipinas (BSP) Governor Benjamin E....

Economy

THE SENATE on Wednesday approved on third and final reading the proposed P5.024-trillion national budget for 2022. Senators unanimously passed the 2022 General Appropriations...

Economy

EVERYTHING’s coming full circle from the boy from Cebu who wanted to write but ended up cooking. Myke “Tatung” Sarthou, celebrity chef, started out...

Economy

1 of 6 THE VIRTUS awards by the Hotel Sales and Marketing Association (HSMA) Philippines continues to honor professionals and institutions in hospitality: a...

You May Also Like

Investing

Having a good Instagram marketing agency to back up your Instagram account is an absolute must going into the new year. With competition stronger...

Economy

Ivermectin, an existing drug against parasites including head lice, has had a checkered history when it comes to treating COVID-19. The bulk of studies...

Investing

As a traditionally rigid insurance industry becomes bogged down by antiquated processes and operations, a handful of industry leaders are seeking to shake things...

Investing

Insomnia is the most common sleep disorder in the global population. Therefore, it is a problem that many people suffer or have suffered throughout...

Disclaimer: SmartRetirementReport.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2021 SmartRetirementReport. All Rights Reserved.