US Cybersecurity Agency Warns of ‘Grave’ Threat from Hack
WASHINGTON — The federal government’s top cybersecurity agency on Thursday issued its most urgent warning yet about a sophisticated and extensive computer breach, saying it posed a “grave risk” to cyber networks maintained by governments, utilities and the private sector and could be difficult to purge.
Removing the malware from “compromised environments will be highly complex and challenging for organizations,” the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA, said in an alert providing the most extensive details yet about the hack.
Over the weekend, reports emerged that hackers had broken into computer networks at multiple federal agencies, including the Treasury and Commerce departments. The list of victims has continued to grow, and includes the Department of Homeland Security and the National Institutes of Health. Federal law enforcement officials have said Russia was behind the attack and are still assessing how much information was pilfered by Moscow.
Russia’s U.S. Embassy has denied responsibility. U.S. cybersecurity officials have not officially blamed the Kremlin, but in the CISA alert noted that the attack came from “a patient, well-resourced, and focused adversary” that engaged in “operational security and complex tradecraft.”
Cyber experts said Russia was among the few countries that could support such an attack.
The security compromises began in at least March, according to CISA, with the infiltrators gaining initial access through a compromise in a piece of software made by SolarWinds — a Texas-based company that sells network-monitoring cybersecurity software — although CISA said evidence indicates hackers had other access points.
When SolarWinds customers running the software installed updates, they unknowingly downloaded malicious code and granted hackers access to their network. Hundreds of thousands of organizations use SolarWinds products, and U.S. agencies have been told to disconnect machines running the compromised program.
“Most of the sensitive folk have shut down SolarWinds, so now they’re flying blind; they don’t have … their usual detection technology,” said Robert Cattanach, a cybersecurity expert and former special counsel to the Secretary of the Navy. “It’s a very uncertain time right now.”
To further complicate things, SolarWinds was so ubiquitous in the cybersecurity sector that there’s not a clear, immediate substitute, Cattanach added.
The House Homeland Security and Oversight committees launched an investigation into the hacks Thursday, warning that “based on preliminary reporting, it is evident that this latest cyber intrusion could have potentially (devastating) consequences for U.S. national security.”
(c)2020 the Los Angeles Times
Distributed by Tribune Content Agency, LLC.