Cyberattack On US govt, cos poses “Grave Risk”: USCISA
PTI, Dec 18, 2020, 11:51 AM IST
Washington DC: A sophisticated cyberattack on US government agencies and private companies that was revealed this week poses a “grave risk” and thwarting it will be “highly complex,” the US computer security agency said Thursday.
President-elect Joe Biden expressed “great concern” meanwhile over the computer intrusion and said cybersecurity would be a “top priority” of his administration.
The US Cybersecurity and Infrastructure Security Agency (CISA) said US government agencies, critical infrastructure entities, and private sector organizations had been targeted by what it called an “advanced persistent threat actor.”
CISA did not identify who was behind the malware attack but private security companies have pointed a finger at hackers linked to the Russian government.
US Secretary of State Mike Pompeo also suggested involvement by Moscow on Monday, saying the Russian government had made repeated attempts to breach US government networks.
CISA said the computer intrusions began in at least March 2020 and the actor behind them had “demonstrated patience, operational security, and complex tradecraft.”
“This threat poses a grave risk,” CISA said in a statement. “CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”
Biden, who is to be sworn in as president on January 20, said the breach affected “potentially thousands of victims, including US companies and federal government entities.”
“My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority,” he said in a statement.
“We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” Biden said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks.
“Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation.”
According to CISA, the attackers managed to breach computer networks using enterprise management network software made by the Texas-based IT company SolarWinds.
“CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” CISA said.
Hackers reportedly installed malware on the software used by the US Treasury Department and the Commerce Department, allowing them to view internal email traffic.
SolarWinds said up to 18,000 customers, including government agencies and Fortune 500 companies, had downloaded compromised software updates, allowing hackers to spy on email exchanges.
After the attack was detected, CISA ordered federal agencies to power down the breached software.
The content the hackers sought to steal – and how successful they were – remains unknown.
The FBI has opened an investigation to identify those responsible for the hack and emergency discussions have been held at the White House to discuss the government’s response.
US National Security Advisor Robert O’Brien cut short a trip to the Middle East and Europe this week to deal with the fallout from the breach.
Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.
One dead after LPG cylinder blast in Gundlupet
We were trying to hit fours and sixes but they bowled really well: KL Rahul
ED files chargesheet against Karnataka Congress chief Shivakumar
Related Articles More
Imran Khan gives 6-day ultimatum to Pakistan govt to announce fresh polls
After mass shootings like Uvalde, national gun control fails – but states often loosen gun laws
No need for patronising lectures, Xi tells UNHRC chief as she heads to Xinjiang to probe rights violations against Uygurs
Chinese leader Xi defends record to UN human rights chief
Sri Lanka: PM Ranil Wickremesinghe appointed Finance Minister by Prez Gotabaya