Homeland Security Secretary Alejandro Mayorkas on Wednesday warned that "cyberthreats are coming dangerously close to threatening our lives" as he announced a series of "sprints" designed to counter online attacks.
Why it matters: "Our government got hacked last year and we didn’t know about it for months," Mayorkas said. It wasn't until cybersecurity firm SolarWinds "got hacked itself and alerted the government" that federal officials learned the extent of the problem, he noted.
What to watch: Other agency sprints will center on strengthening the Cybersecurity and Infrastructure Security Agency and the cyber workforce, and bolstering the security of industrial control systems.
The Biden administration is working on an executive order to bolster federal cybersecurity following the hacking of SolarWinds and the Microsoft Exchange Server — which was targeted by a cyber espionage unit backed by the Chinese government, it emerged earlier this month.
One of your MesaZona blogger's most reliable and trusted news sources, Wired.com came out with this 'bomb' today:
Andy Greenberg, Security, 03.08.17, 09:59 am
HOW THE CIA'S HACKING HOARD MAKES EVERYONE LESS SECURE
WikiLeaks, already in headline news for a long time, dumped its 8,000+ document zero-day stash one day ago. That dump strongly suggests that the CIA—along with other intelligence agencies—has long allowed Americans to remain vulnerable to those same attacks. Now that those hacking secrets are public, potentially along with enough details to replicate them, the danger of the feds leaving major security flaws unfixed only escalates. . .
Balancing the needs of a critical intelligence agency with the digital security of the rest of the world isn’t easy. But the US intelligence community’s hacking techniques leaking—not once, but at least twice now after hackers known as the Shadow Brokers breached an NSA server and published reams of NSA code last August—means that the balance needs to be reconsidered, says New American Foundation’s Bankston. “All of these vulnerabilities were in iPhones and Android phones that hundreds of millions of people used if not billions,” he says. “That has serious cybersecurity implications.” Do we the people get this or approve it?
SPOONS GONE WILD
“The deal we make in a democracy is that we understand we need military and intelligence services. But we want oversight in the executive branch and across the three branches of government,” . . “If the CIA says ‘we’re supposed to do this, but we’re just not going to,’ or ‘we’re going to do it just enough that the White House thinks we are,’ that starts to eat away at the fundamental oversight for which we have elected officials.”
End of Countries Blaming Each Other of Cyber Espionage?
The US record for preparation against cyberattacks is woeful. In the early 2000s, the US provided access to the Deep Web to hackers and enemy state agents through open-source anonymous communication tools. Since 2010 the US Intelligence community has fallen victim to internal personnel like Eric Snowden releasing methods and policies to the hacking world. And the last 5-7 years have seen the US lose highly potent cyber-tools through agents “mishandling” highly confidential tools or through an astonishing miscalculation of how vulnerable their prized cybertools were to detection and capture in combat.
Clearly there is a hubris about US Intelligence Effectiveness and Invulnerability. Yet all the major Intelligence players [CIA, NSA, and Naval Intelligence] have proven to be remiss in defending US business, government and individual citizens against cyberattacks. Because some of the very best US hacking tools are in the possession of organized crime and foreign agents, US infrastructure systems that run on old, outdated, and/or poorly monitored control systems are particularly at risk. This means major systems such as the US electrical grid, air transportation control centers, and intertwined oil/gas/chemical pipelines have become increasingly susceptible to concerted cyberattack.
U.S. cybersecurity firm FireEye discloses breach, theft of internal hacking tools
FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it has been hacked, possibly by a government, leading to the theft of an arsenal of internal hacking tools typically reserved to privately test the cyber defenses of their own clients.
The hack of FireEye, a company with an array of business contracts across the national security space both in the United States and its allies, is among the most significant breaches in recent memory. The FireEye breach was disclosed in a blog post authored by CEO Kevin Mandia. The post said "red team tools" were stolen as part of a highly sophisticated, likely "nation-state" hacking operation. It is not clear exactly when the hack initially took place. . .
Beyond the tool theft, the hackers also appeared to be interested in a subset of FireEye customers: government agencies. "We hope that by sharing the details of our investigation, the entire community will be better equipped to fight and defeat cyber attacks," Mandia wrote. . . The company itself has partnered in recent weeks with different software makers to share defensive measures. There is no evidence yet that FireEye's hacking tools have been used or that client data was exfiltrated. But the investigation, which includes help from the Federal Bureau of Investigation and Microsoft Corp, is in its early phases. "This incident demonstrates why the security industry must work together to defend against and respond to threats posed by well-funded adversaries using novel and sophisticated attack techniques," a Microsoft spokesperson said . . .
The headline opening is serious. Everything is compromised. The "supply chain attack" is widespread:
SolarWinds boasts over 300,000 customers, including 425 Fortune 500 companies, all ten of the top ten telcos, the Pentagon, State Department, NSA, DOJ, and the White House.
Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg. . .
Microsoft recommended that companies remove and investigate devices where the trojanized Orion apps were installed. The advice is in line with a DHS emergency directive published on Sunday, where the Cybersecurity and Infrastructure Security Agency recommended the same thing.
On the vast majority of these networks, the malware is present but dormant. The SolarWinds hackers choose to deploy additional malware only on the networks of a few high-value targets. Currently known victims of this group's attacks include:
US cybersecurity firm FireEye
The US Treasury Department
The US Department of Commerce's National Telecommunications and Information Administration (NTIA)
The Department of Health's National Institutes of Health (NIH)
The Cybersecurity and Infrastructure Agency (CISA)