https://www.google.com/amp/s/mobile.reuters.com/article/amp/idUSL1N2IT0I8
Dec 13 (Reuters) - A sophisticated hacking group backed by a foreign government stole information from the U.S. Treasury Department and a U.S. agency responsible for deciding policy around the internet and telecommunications, according to people familiar with the matter.
did someone hand over the keys? I've got my eye on a few puppets that refused to strengthen our cybersecurity.
The website is gone, but it still applies https://reason.com/2010/11/12/will-using-the-prefix-cyber-ma/ It's all just words, nothing is real, when will you people figure this out. There are no secrets. There are only people's beliefs, things that have happened, and the present moment. The future is literally created at every moment but people's brains have been so fucked up to think they actually have a good bead on things, but they don't. There are immutable truths... like formulas, and nature and relationships between particles... the only thing that is a sure bet is entropy... but no one knows what that is
which one do you think? who could've seen this coming?
https://www.washingtonpost.com/nati...a53b88-3d7d-11eb-9453-fc36ba051781_story.html
Russian government spies are behind a broad hacking campaign that has breached U.S. agencies and a top cyber firm
The Russian government hackers who breached a top cybersecurity firm are behind a global espionage campaign that also compromised the Treasury and Commerce departments and other U.S. government agencies, according to people familiar with the matter. The FBI is investigating the campaign by a hacking group working for the Russian foreign intelligence service, SVR. The breaches have been taking place for months and may amount to an operation as long-running and significant as one that occurred in 2014-2015. The group, known among private-sector security firms as APT29 or Cozy Bear, also hacked the State Department and the White House during the Obama administration. All of the organizations were breached through a network management system called Solar Winds, according to three people familiar with the matter, who spoke on condition of anonymity because of the issue’s sensitivity. Solar Winds could not immediately be reached for comment. It is not clear what information was accessed from the government agencies. Reuters first reported the hacks of the Treasury and Commerce agencies Sunday, saying they were carried out by a foreign government-backed group. The SVR link to the broader campaign is previously unreported. The matter was so serious it prompted an emergency National Security Council meeting on Saturday, Reuters reported. “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said NSC spokesman John Ullyot. He would not comment on the country or group responsible. APT29 has also been linked to attempts to steal coronavirus vaccine research.
The Washington Post reported last week that the Russian hacking group, APT29, breached the cybersecurity firm, FireEye, according to three people familiar with the matter. At Commerce, the Russians targeted the National Telecommunications and Information Administration, an agency that handles internet and telecommunications policy, Reuters reported. The campaign is said to be quite broad, encompassing an array of targets, including government agencies in the United States and other countries. It has been running for months, one person said. In 2015, the same group compromised the servers of the Democratic National Committee. But unlike a rival Russian spy agency, which also hacked the DNC, it did not leak stolen material. In 2016, the GRU military spy agency leaked hacked emails to the online anti-secrecy organization WikiLeaks in an operation that disrupted the Democrats’ national convention in the midst of the presidential campaign. The SVR, by contrast, hacks for traditional espionage purposes, stealing information that might help the Kremlin understand the plans and motives of politicians and policymakers. Its operators also have filched industrial secrets, hacked foreign ministries and gone after coronavirus vaccine data.
Maybe the US Government should just disconnect from the Internet? Why do they need to be connected to it in the first place? Can have a man on the moon in 1969, but cannot have a U.S.-only VPN in 2020? Da fuk?
https://www.nytimes.com/2020/12/13/us/politics/russian-hackers-us-government-treasury-commerce.html
Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect
In one of the most sophisticated and perhaps largest hacks in more than five years, email systems were breached at the Treasury and Commerce Departments. Other breaches are under investigation.
The Trump administration acknowledged on Sunday that hackers acting on behalf of a foreign government — almost certainly a Russian intelligence agency, according to federal and private experts — broke into a range of key government networks, including in the Treasury and Commerce Departments, and had free access to their email systems. Officials said a hunt was on to determine if other parts of the government had been affected by what looked to be one of the most sophisticated, and perhaps among the largest, attacks on federal systems in the past five years. Several said national security-related agencies were also targeted, though it was not clear whether the systems contained highly classified material. The Trump administration said little in public about the hack, which suggested that while the government was worried about Russian intervention in the 2020 election, key agencies working for the administration — and unrelated to the election — were actually the subject of a sophisticated attack that they were unaware of until recent weeks. “The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” John Ullyot, a spokesman for the National Security Council, said in a statement. The Department of Homeland Security’s cybersecurity agency, whose leader was fired by President Trump last month for declaring that there had been no widespread election fraud, said in a statement that it had been called in as well. The Commerce Department acknowledged that one of its agencies had been affected, without naming it.
But it appeared to be the National Telecommunications and Information Administration, which helps determine policy for internet-related issues, including setting standards and blocking imports and exports of technology that is considered a national security risk. The motive for the attack on the agency and the Treasury Department remains elusive, two people familiar with the matter said. One government official said it was too soon to tell how damaging the attacks were and how much material was lost, but according to several corporate officials, the attacks had been underway as early as this spring, meaning they continued undetected through months of the pandemic and the election season. News of the breach, reported earlier by Reuters, came less than a week after the National Security Agency, which is responsible for breaking into foreign computer networks and defending the most sensitive U.S. national security systems, issued a warning that “Russian state-sponsored actors” were exploiting flaws in a system broadly used in the federal government. At the time, the N.S.A. refused to give further details of what had prompted the urgent warning. Shortly afterward, FireEye, a leading cybersecurity firm, announced that hackers working for a state had stolen some of its prized tools for finding vulnerabilities in its clients’ systems — including the federal government’s. That investigation also pointed toward the S.V.R., one of Russia’s leading intelligence agencies. It is often called Cozy Bear or A.P.T. 29, and it is known as a traditional collector of intelligence. FireEye’s clients, including the Department of Homeland Security and intelligence agencies, hire the firm to conduct ingenious but benign hacks of their systems using the company’s large database of techniques it has seen around the world. Its “red team” tools — essentially imitating a real hacker — are used to plug security holes in networks. 
So the hackers who stole FireEye’s tools have added to their arsenal. But it appears that FireEye was hardly their only victim. The global campaign, investigators now believe, involved the hackers inserting their code into periodic updates of software used to manage networks by a company called SolarWinds. Its products are widely used in corporate and federal networks, and the malware was carefully minimized to avoid detection. The company, based in Austin, Texas, says it has more than 300,000 customers, including most of the nation’s Fortune 500 firms. But it is unclear how many of those use the Orion platform that the Russian hackers invaded, or whether they were all targets. If the Russia connection is confirmed, it will be the most sophisticated known theft of American government data by Moscow since a two-year spree in 2014 and 2015, in which Russian intelligence agencies gained access to the unclassified email systems at the White House, the State Department and the Joint Chiefs of Staff. It took years to undo the damage, but President Barack Obama decided at the time not to name the Russians as the perpetrators — a move that many in his administration now regard as a mistake. Emboldened, the same group of hackers went on to invade the systems of the Democratic National Committee and top officials in Hillary Clinton’s campaign, touching off investigations and fears that permeated both the 2016 and 2020 contests. Another, more disruptive Russian intelligence agency, the G.R.U., is believed to be responsible for then making public the hacked emails at the D.N.C. “There appear to be many victims of this campaign, in government as well as the private sector,” said Dmitri Alperovitch, the chairman of Silverado Policy Accelerator, a geopolitical think tank, who was the co-founder of CrowdStrike, a cybersecurity firm that helped find the Russians in the Democratic National Committee systems four years ago.
“Not unlike what we had seen in 2014-2015 from this actor, when they ran a massive campaign and successfully compromised numerous victims.” Russia has been one of several countries that have also been hacking American research institutions and pharmaceutical companies. This summer, Symantec Corporation warned that a Russian ransomware group was exploiting the sudden change in American work habits because of the pandemic and were injecting code into corporate networks with a speed and breadth not previously seen. According to private-sector investigators, the attacks on FireEye led to a broader hunt to discover where else the Russian hackers might have been able to infiltrate both federal and private networks. FireEye provided some key pieces of computer code to the N.S.A. and to Microsoft, officials said, which went hunting for similar attacks on federal systems. That led to the emergency warning last week. Most hacks involve stealing user names and passwords, but this was far more sophisticated. Once they were in the SolarWinds network management software, the Russians, investigators said, were able to insert counterfeit “tokens,” essentially electronic indicators that provide an assurance to Microsoft, Google or other providers about the identity of the computer system its email systems are talking to. By using a flaw that is extraordinarily difficult to detect, the hackers were able to trick the system and gain access, undetected. It is unclear exactly what they extracted; the situation is reminiscent of the Chinese hack of the Office of Personnel Management, which went on for a year in 2014 and 2015, with the loss eventually tallied at more than 22 million security-clearance files and more than five million fingerprints. That turned out to be part of a much broader data-gathering effort by Beijing, which involved theft from the Starwood Hotels division of Marriott, the Anthem insurance database and Equifax, the credit reporting agency. 
The history of Russian theft of critical data from the United States government stretches more than two decades and resulted in the creation of United States Cyber Command, the Pentagon’s quickly expanding cyberwarfare force. As early as the mid-1990s, the F.B.I. was called in for an investigation into networks that included Los Alamos and Sandia National Laboratories, which work on nuclear weapons design, among other issues. In the minds of some experts, that Russian operation, soon called Moonlight Maze, never really ended. “The activity described by the name — Russian cyberoperations against a wide variety of American targets — continues to this day,” Ben Buchanan, now at Georgetown University, and Michael Sulmeyer, now a senior adviser at Cyber Command, wrote for the Carnegie Endowment for International Peace in 2016.