Thursday, March 4, 2021

Hackers breach US agencies, Homeland Security a reported target

This adds to a growing list of targets in the attack, including the Treasury and Commerce departments.

Other News

Malaysia kekal antara ekonomi bebas dengan peningkatan integriti, kata indeks AS

The Heritage Foundation meletakkan Malaysia dalam kategori ‘hampir bebas' dan memuji pelan antirasuah nasional

Malaysia remains among freest economies, improves in integrity, says US index

The Heritage Foundation places Malaysia in the 'Mostly Free' category, hailing its anti-corruption plan.

‘Everything will be ok’: Myanmar mourns teen killed protesting

Before going to a demonstration this week, Kyal Sin listed her blood type on her Facebook page, her phone number, and said her organs were available for donation if anything were to happen to her.

Kerajaan pertimbang benar rentas negeri berstatus PKPP

Setakat ini, hanya Sabah sahaja negeri yang masih mengekalkan larangan rentas daerah.

In India, 71kg of garbage found in stray cow’s stomach

Previous surgeries done by the People For Animals Trust Faridabad organisation have found up to 50kg of waste in cows' stomachs.

The US Department of Homeland Security (DHS) was the third federal department to be targeted in a major cyberattack, US media reported Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

The Washington Post cited unnamed officials who said that the DHS – which is in charge of protecting the country from attacks both online and off – had been added to a growing list of targets in the attack, including the Treasury and Commerce departments.

A statement from DHS Monday did not confirm the report, saying only that it was “aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response”.

The Cybersecurity and Infrastructure Security Agency (Cisa), which is attached to the DHS, on Sunday said it had ordered federal agencies to immediately stop using SolarWinds Orion IT products following reports that hackers had used a recent update to gain access to internal communications.

“We urge all our partners – in the public and private sectors – to assess their exposure to this compromise and to secure their networks,” said Cisa acting director Brandon Wales.

SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June.

The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defences had been breached by sophisticated attackers who stole tools used to test customers’ computer systems.

FireEye said it suspected the attack was state-sponsored, and warned it could have affected numerous high profile targets across the globe.

“This campaign may have begun as early as Spring 2020 and is currently ongoing,” FireEye said in a blog post.

Russia involved?

The content the hackers have sought to steal – and how successful they have been – is not known at this time.

“We believe this is nation-state activity at significant scale, aimed at both the government and private sector,” said IT giant Microsoft, which is also investigating, in a blog post.

While Microsoft refrained from naming a country, several US media pointed the finger at the Russian group “APT29”, also known as “Cozy Bear”.

According to the Washington Post, the group is part of Moscow’s intelligence services, and hacked servers at the State Department and the White House during the Obama administration.

The Russian embassy in the US categorically denied the accusations in a statement on Facebook.

Both the public and private sectors must be increasingly on guard against such hacks, warned Hank Schless, senior manager at Lookout, a California-based mobile security company.

“Adversarial nation-states have recognised the value in targeting both sectors, which means neither is safe from the types of attacks that have government resources behind them,” he said.

Matt Walmsley of Vectra, which provides cyberattack detection services from its base in California, agreed.

“Security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where,” he said.

Follow us on Telegram for the latest updates:

Subscribe to our newsletter

To be updated with all the latest news and analyses.

Related Articles

State-sponsored hackers in China targeting email services, Microsoft says

Microsoft says the group is based in China but operates through leased virtual private servers in the US, and that it has briefed the US government.

Zoom earnings strong at close of pandemic-plagued year

Zoom took in revenue of US$882.5 million during the fiscal quarter that ended Jan 31, in a 369% increase from the same period a year earlier before lifestyles went remote due to Covid-19.

Trump hints he may run for president again in 2024

He also rules out starting a new political party in a speech to conservatives.

US kids could receive vaccine by year-end, says White House pandemic adviser Fauci

Children in high school should be able to get the vaccines 'sometime this fall', although data is still being compiled on their safety and efficacy for younger children who may not receive the jabs until late 2021 or early 2022, he says.

Facebook to pay US$650 million settlement over US privacy dispute

During the trial, it emerged that Facebook was violating Illinois law by storing biometric data – digital scans of people's faces, in support of its face-tagging feature – without users' consent.