SolarWinds hackers stole US counterintelligence details

Suspected Russian hackers who used SolarWinds and Microsoft software to hack US federal agencies stole information about US counterintelligence investigations, the policy of punishing Russian individuals, and the country’s response to the coronavirus.

The hacks were widely publicized after their discovery late last year. US officials blamed the SVR, Russia’s foreign intelligence service, which denies this activity. But little has been revealed about the spies’ goals and successes.

The reluctance of some publicly traded companies to explain their exposure led to a widespread investigation by the Securities and Exchange Commission.

The campaign alarmed officials because of its stealth and its slow, measured pace. Hackers compromised the code production process of SolarWinds, which makes widely used network management software.

The group also took advantage of weaknesses in Microsoft’s methods for identifying users in Office 365. It breached some targets using Microsoft software but not SolarWinds.

It was previously reported that hackers infiltrated unclassified Justice Department networks and read emails in departments of the Treasury, Commerce and Homeland Security.

Nine federal agencies were also hacked. Hackers stole digital certificates, which are used to convince computers that a program is authorized to run on them, as well as source code from Microsoft and other technology companies.

The exposure of the counterintelligence matters that were being pursued against Russia was the worst loss.

A White House official said President Joe Biden has issued orders to improve the security of federal agencies that, among other things, require more multi-factor authentication and more monitoring of workplace devices.

In an annual threat review, Microsoft said that Russian spies are seeking government materials on sanctions and other policies related to Russia, as well as US methods to catch Russian hackers.

Russian group hacked federal contractor SolarWinds

Cristin Goodwin, general manager of Microsoft’s digital security unit, said the company drew its conclusions from the types of customers and accounts it saw as being targeted. She told Reuters: “In such cases, you can infer operational objectives from that.”

Others who worked on the government’s investigation went further, saying they could see terms the Russians used in their search for US digital files, including “sanctions.”

Chris Krebs, former head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and now an advisor to SolarWinds and other companies, said the combined descriptions of the attackers’ targets made sense.

“If I’m a threat actor in an environment, I have a clear set of goals,” he added. “First, I want to gain valuable intelligence about government decision-making. It seems access to sanctions policy makes sense. Secondly, know how the target responds to attacks, or counter-reaction. I want to know what they know about me so that I can improve my tradecraft and avoid detection.”

In recent months, the Russian hackers behind the successful 2020 hack of US federal agencies have attempted to infiltrate US and European government networks.

The Russian group hacked several technology companies in previously unreported activity. Hackers have also used new tools and techniques in some of their operations this year.
