"Hackers broke into systems in the Departmental Offices division of Treasury, home to the department's highest-ranking officials. Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen," Wyden said.
The Internal Revenue Service said there was no evidence the agency was compromised or taxpayer data affected, Wyden added.
* * *
Cybersecurity experts believe a sophisticated group of hackers was able to enter U.S. government networks earlier this year via a loophole in products developed by SolarWinds, which provides software for government agencies and large companies.
Quite a lot has been going on:
The Week in Business: We've Been Hacked - The New York Times
It's going to be another bizarre holiday week. Here's what you need to know in business and tech for the days ahead, and stay safe. — Charlotte Cowles
In one of the largest and most sophisticated cyberattacks in years, hackers breached the networks at a wide range of government agencies , including at the Treasury and Commerce Departments, as well as a number of major private companies. Even worse, the hacks occurred last spring but were undetected until recent weeks — so the culprit, widely suspected to be a Russian intelligence agency , has been lurking in the government's networks for most of 2020.
Bloomberg - Are you a robot?
How U.S. agencies' trust in untested software opened the door to hackers - POLITICO
The government doesn't do much to verify the security of software from private contractors. And that's how suspected Russian hackers got in.
* * *
The massive monthslong hack of agencies across the U.S. government succeeded, in part, because no one was looking in the right place.
As investigators race to assess the damage from the hacks, experts and lawmakers are calling for increased scrutiny of the third-party code that government agencies allow on their networks and demanding a fix for a long-known weakness.
Other things to check out:
Russian Hackers Suspected In Cyber Attack At Federal Agencies : NPR
The U.S. Treasury Department, shown here in 2019, has been hacked along with the U.S. Commerce Department, according to reports. Russia is suspected, but denies involvement. The U.S. government has acknowledged a breach and says it is investigating to make a full assessment. Patrick Semansky/AP hide caption
* * *
Russian hackers working for the Kremlin are believed to be behind breaches of U.S. government computer systems at the departments of Treasury, Commerce and Homeland Security that may have lasted months before they were discovered, according to U.S. officials and media reports.
Hacking campaign targeted US energy, treasury and commerce agencies | Technology | The Guardian
The US government continues to reel from a large and sophisticated hacking campaign that affected top federal agencies, including the energy department, the treasury and commerce departments, and is even said to have targeted the agency responsible for the country's nuclear weapons stockpile.
* * *
In a statement on Thursday, the Cybersecurity and Infrastructure Security Agency (Cisa) also warned that it will be difficult to remove the malware inserted through network software.
Energy Department says it was hacked in suspected Russian campaign
The Energy Department was hacked as part of a massive, ongoing campaign against the U.S. government, a spokesperson said Thursday, making it the latest confirmed agency to have been breached by Russian spies.
A number of federal agencies have been hit by a massive monthslong breach, which officials believe is the work of Russian intelligence, leaving the government scrambling to find out what was infected and how much information was stolen.
"The investigation is ongoing and the response to this incident is happening in real time," Energy Department spokeswoman Shaylyn Hynes said in a statement.
Al Jazeera journalists 'hacked via NSO Group spyware' - BBC News
.css-14iz86j-BoldText{font-weight:bold;} Dozens of Al Jazeera journalists were allegedly hacked with the help of spyware developed by Israeli firm NSO Group, cyber-security researchers say.
* * *
Citizen Lab researchers say they concluded with "medium confidence" that two attackers who had spied on the phones of Al Jazeera journalists were doing so on behalf of the Saudi Arabian and UAE governments.
In July 2020, Kismet was a "zero-day" attack - meaning Apple was supposedly unaware of the flaw - and it worked on at least iOS 13.5.1, and could hack Apple's iPhone 11, the latest model at the time.
Happening on Twitter
'Dozens' of top Treasury email accounts hacked, senator says https://t.co/IqPAxP9dSA CBSNews (from New York, NY) Tue Dec 22 02:49:39 +0000 2020
New from @dnvolz and me: The hackers breached dozens of Treasury Department e-mail accounts and systems used by top… https://t.co/seCQnM0XRe RichardRubinDC (from Washington, DC) Tue Dec 22 00:32:32 +0000 2020
Lastest details on Treasury hack, per Wyden office (citing Treasury officials): - Intrusion began in July - Theft… https://t.co/GHt1seKyaq razhael Tue Dec 22 01:58:14 +0000 2020
The United States added dozens of Chinese companies, including the country's top chipmaker SMIC, to a trade blackli… https://t.co/9BSxmummx8 Reuters (from Around the world) Sat Dec 19 01:15:00 +0000 2020
No comments:
Post a Comment