Jesus Chriat.In December 2020, a U.S. cybersecurity company announced it had recently uncovered a massive cyber breach. The hack dates back to March 2020, and possibly even earlier, when an adversary, believed to be Russia, hacked into the computer networks of U.S. government agencies and private companies via SolarWinds, a security software used by many thousands of organizations in the U.S. and around the world.
New York Times cyber security reporter Nicole Perlroth calls the SolarWinds hack "one of the biggest intelligence failures of our time."
"We really don't know the extent of it," Perlroth says. "What we know is that this thing has hit the Department of Homeland Security — the very agency charged with keeping us safe — the Treasury, the State Department, the Justice Department, the Department of Energy, some of the nuclear labs, the Centers for Disease Control."
Perlroth says the fact that the breach went undetected for so long means that the hackers likely planted "back door" code, which would allow them to re-enter the systems at a later date.
"We're still trying to figure out where those back doors are," Perlroth says. "And that could take months, if not years, to get to the bottom of."
[...]
"We are one of the most advanced, if not the most advanced cyber superpower in the world, but we are also its most targeted and its most vulnerable," she says.
Part of the problem, Perlroth says, is that the U.S. has spent more energy on hacking other countries than on defending itself.
[...]
SolarWinds, the cyber security company through which the hackers entered, which used the password "solarwinds123".
NPR
...but hey, do what you want...you will anyway."When I started calling up some of the victims of this attack, many of them didn't even know they used SolarWinds software until it came out that the company was breached. ... So what we were looking at really was a company that didn't have very good security, but that was touching some of the most sensitive systems we have. This was used inside the Pentagon. The NSA used that. We know that the Treasury used it and all the other victims that are coming out, including our utility companies.
[...]
"Originally when this hack was discovered, one of the bright spots was that they believed that the hackers had not made their way into classified systems. But what I kept hearing from security researchers and people who worked at these agencies was just how much vulnerable data was outside these classified systems. And one of those things was Black Start.
"Black Start is just a very technical document. And it's essentially a to-do list. If we were able to have a major power failure, it says, you know, we're going to go turn on the power here first, then we're going to move over here and do this. And with that document in hand, that could be very valuable for an adversary because it would essentially give them the perfect hit list to make sure that the power stayed off."
On a recent cyber attack on the water supply in Oldsmar, Fla., in which hackers attempted to increase the amount of lye in the drinking water
[...]
"This is really dangerous. You know, they increased the amount of lye in the water from 100 parts per million to 11,000 parts per million. It just so happened that there happened to be a software engineer sitting at his computer watching his cursor move around on his screen and then later watched someone go into these functions and upped the amount of chemical.
[...]
"I think it's just a wake-up call in general that a lot of these facilities allow contractors and engineers to get in, get remote access from miles away or across the country. And I think we need to start rethinking that access. Do we really want strangers being able to get into these systems from afar? And I think right now would be a good time to ask ourselves. And I think the answer is probably no."
No comments:
Post a Comment