Foreign cyber criminals breached several U.S. federal agencies, including the U.S. Treasury.
The criminal gang, suspected to be working for Russia, penetrated and monitored internal email communications flowing from the U.S. Treasury and Commerce departments.
It is speculated that the cybercriminals are linked to the Russian hackers that recently penetrated cybersecurity giant FireEye. Given FireEye’s prestigious portfolio of government clients, such a connection could be evidence of a mounting attack against the Western world.
The incident led to a National Security Council meeting at the White House. An immediate remediation effort is underway.
NSC spokesperson John Ullyot said they “are taking all necessary steps to identify and remedy any possible issues related to this situation.”
How did the cyber attack happen?
It is suspected that the cyber attackers compromised an IT update by SolarWinds and used this as an attack vector to penetrate U.S. federal communication systems.
SolarWinds services a wide range of executive government clients, including the National Security Agency and the U.S. military.
This strategy of burying malicious code within innocuous software (known as a supply chain attack) is a common tactic used by hackers to breach victims through their third-party network.
The attack, first reported by Reuters, penetrated the Microsoft Office 365 account of the National Telecommunications and Information Administration (NTIA). It’s unclear, at this point, how long the criminals were monitoring internal emails, but it’s speculated this lasted for several months.
The larger the cyberattack operation, the longer it will take to investigate. Given that the target was the United States Government, investigations may take months, or even years, to complete.