US Treasury Department Breached by 'Hackers Backed By Foreign Government' (usnews.com)
Reuters reports that "a sophisticated hacking group" backed by "a foreign government" has stolen information from America's Treasury Department, and also from "a U.S. agency responsible for deciding policy around the internet and telecommunications."
There is concern within the U.S. intelligence community that the hackers who targeted the Treasury Department and the Commerce Department's National Telecommunications and Information Administration used a similar tool to break into other government agencies, according to three people briefed on the matter.
The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter.
Sigh. (Score:1)
Re:Sigh. (Score:5, Insightful)
We need to change our mentality.
Instead of "US Treasury Breached by Hackers" the headline should be "Incompetent Bureaucrats Fail to Secure Server".
The problem is not "bad guys" who should be feared, but "dumb guys" who should be fired.
Re: (Score:3)
The cyber spies are believed to have gotten in by surreptitiously tampering with updates released by IT company SolarWinds, which serves government customers across the executive branch, the military, and the intelligence services, according to two people familiar with the matter. The trick - often referred to as a "supply chain attack" - works by hiding malicious code in the body of legitimate software updates provided to targets by third parties.
Hackers broke into the NTIA's office software, Microsoft's Office 365. Staff emails at the agency were monitored by the hackers for months, sources said.
The hackers are "highly sophisticated" and have been able to trick the Microsoft platform's authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.
SolarWinds says on its website that its customers include most of America's Fortune 500 companies, the top 10 U.S. telecommunications providers, all five branches of the U.S. military, the State Department, the National Security Agency, and the Office of President of the United States.
Reading between the lines, it looks like the hack compromised Outlook 365, which is used by many companies outside the aforementioned government agencies. "Monday may be a bad day for lots of security teams," tweeted Dmitri Alperovitch, a cybersecurity expert and founder of the Silverado Policy Accelerator think tank.
---
Re:Sigh. (Score:4, Interesting)
Re: (Score:3)
Open literature describes a number of ways to attribute an attack to a nation-state type attacker, whether that involves analysis of the attack tools, their techniques, or just the targets (individuals, data, or both).
What information at these organizations do you think would be a favored target for organized crime? Which non-government groups do you think would embed that kind of fake attribution data in their attack tools? Is there some gang of criminals in southeast Asia who decided it would be lulz-ri
Re: (Score:2, Interesting)
Open literature describes a number of ways to attribute an attack to a nation-state type attacker, whether that involves analysis of the attack tools, their techniques, or just the targets (individuals, data, or both).
What information at these organizations do you think would be a favored target for organized crime? Which non-government groups do you think would embed that kind of fake attribution data in their attack tools? Is there some gang of criminals in southeast Asia who decided it would be lulz-riffic to make their attacks look like they were perpetrated by North Korea or China government cyber ops? What long-term plan do you hypothesize some random gang would have here?
Dude, nothing in whatever you have mentioned prevents a hacker from executing simply for fun. People do these things and more for free/fun/no real reason/because - they can - have a lot of time - they want to prove a point - name it.
To me, this whole thing proves incompetence more than anything else. We're the "most advanced nation on earth." So we should be immune to these kinds of attacks.
Re: (Score:1)
actually we are pretty pathetic (Score:2)
we are not where #1 at anything and very few in the top 10
just in case you weren't being sarcastic
Re: (Score:1)
The civil servants have two objectives:
1. Avoid being fired for blatant incompetence.
2. Increase their budget so they can all get raises.
An obvious way to accomplish both objectives is to push the narrative of a "sophisticated attack backed by a nation-state." This excuses the incompetence: Who could be expected to defend against a sophisticated attack? Since it was an attack by a "nation-state," it is a clear threat to our national security, and no expense should be spared to counter the threat, so raises
Re: (Score:1)
Re: sounds believable (Score:2)
Re: (Score:2)
Personally, I tend to favor the idea of a corporation backing the attack. Presumably the attack required considerable centralized (as opposed to distributed) resources. That would put it out of the reach of most individuals...but many corporations have budgets that many governments would envy, and sometimes less oversight.
But it's a wild guess. Not something to hang your hat on. (I didn't even check that it *did* require lots of resources.)
Re: (Score:2)
FWIW, she did violate the security protocols, which were intended to prevent various forms of self dealing. There's no evidence that she *did* do anything that broke security (unless you count receiving emails), but she did break the rules. Of course, there were some in the current administration who did exactly the same thing, and haven't been investigated (yet).
Re: (Score:2)
Re: (Score:3)
One should always take such claims with a grain of salt. Politics has repeatedly trumped rationality and accuracy. Iraq WMDs is probably the biggest recent major faux pas (and lots of smaller ones in between).
Politicians have repeatedly shown a willingness to sacrifice long-term credibility for short-term political gains, and voters don't punish them or their party sufficiently for that attitude, so they keep doing it.
Russia (Score:3)
> So they discover a hack and immediately know it was a nation state backing the hackers even though they don't know which nation state or even who the hackers are
In this case, they know it's Russia. They may or may not say that in the record, in an official capacity, but they know it's Russia.
In the general case, consider the first days of the Russian invasion of Crimea. A couple thousand troops in debadged uniforms, with full military gear, took over important positions in Crimea. They cut off Crimea
Re: (Score:2)
If you don't think he was, it would be useful if you explained why. Currently it just sounds like you didn't like the answers he gave.
Re: (Score:2)
Re: (Score:1)
If only the government held themselves (Score:2)
I loved this!
may have "used a similar tool to break into other government agencies"
One thing we all know. No one meaningful will ever be held accountable so this will keep happening again and again.
Hey we can't divert money to the real needs after all there are unrelated gears to grease.
Can not wait until Jan 20 (Score:2)
Re: (Score:3)
America's security continues on a downward trend. The more that we outsource, the easier it is for Russia, China and Iran to nail us.
You are quite deluded if you think a new executive administration is somehow going to fix things.
Re: (Score:1)
You are quite deluded if you think a new executive administration is somehow going to fix things.
Are you kidding me? Biden has proven himself very adept at fixing things. You can bet that as soon as he takes office, you won't be hearing anything at all about these gov't blunders any more.
Let's stop this now (Score:2)
Re: (Score:2)
Now reliably prove who did it. Claims aren't proof.
Re: (Score:2)
I suspect the biggest benefit to such info is in "renting" spies and espionage acts from those who owe lots of taxes or are in other financial trouble. Those with money problems have proven eager recruits.
Trump allowed it (Score:1)
Trump the buffoon failed to run these agencies properly. Of course things like this can happen. He did nothing to prevent hacking. Fitting if the election got hacked too, it was his own fault. He came to office saying he could easily fix all of America's problems. Instead he fixed nothing. Violent crime is up. Remember before his election he CLAIMED he would bring law and order and reduce crime. Instead none of that happened, crime increased. Now all we get is excuses that he is merely the presiden
Re:Trump allowed it (Score:5, Insightful)
Which election hardware is more likely to be effectively hacked: A machine that merely counts paper ballots, or a machine that directly records votes ("DRE")? Remember that Georgia did a full manual recount.
Since all the states that use DRE voting systems voted for Trump, it's much more likely that any possible voting machine hack was done to swing votes in Trump's favor.
Re: (Score:2)
Seriously? How much TDS do you have? (Score:2)
Re: (Score:2)
Did you gloss over the other things I said?
Why??? (Score:1)
Re: (Score:2)
Why are so many things on the internet that don't need to be? Why hasn't anyone figured out that sometimes it's better to have to go the actual physical systems? I realize that it's so much more convenient to be able to access things from your phone through an app, but there are some things that are just better off being a pain to access.
Convenience is the opposite of security. Unfortunately, convenience usually wins.
Re: (Score:2)
Why in the world would they be using anything other than their own servers. This is the fricking government, they are supposed to archive all email communications, not just higher-ups'. This somehow seems to be some sort of diversion. I really have had a hard time believing anything this year. Our government using any outside control, email, storage, offsite processing just blows me away.
So, do you think this is an intended misstep? The way 2020 is, it seems like it was intended.
When I was young, I never
Re: (Score:1)
When I was young, I never thought I would see 2020. Almost wish it was so.
When I was young I thought the same about 2000. I still can't believe that was 20 years ago.
Democracy under attack by our OWN president, and supported by so many.
Democracy and the Constitution have been under attack for a lot longer than the last four years. "The War on Drugs", "Assault Weapons Ban", "The Patriot Act", "The ACA", Iraq, Iran, Afghanistan, just about everything the CIA did prior to 1990, Japanese internment camps, etc.
Sadly both parties have been shitting all over our rights and the Constitution for decades now.
I truly hope Biden grows some balls and goes after every person in the senate that is supporting the truly sedition supporting bastards.
Yeah, not going to happen. We're just trading on
Re: (Score:2)
Re: (Score:1)
Nope. Some bitched that the Republicans have lost the popular vote 7 of the last 8 elections, but that was it.
Hillary Clinton [youtube.com] calling Trump an illegitimate president.
Jimmy Carter [youtube.com] stating that Trump lost the 2016 election.
John Lewis [youtube.com] claiming Trump is an illegitimate president
Joe Biden [youtube.com] agreeing that Trump is an illegitimate president.
No one said he wasn't fairly elected.
Oh, so all that Russia collusion and election hacking stuff was just my imagination? I guess that no Republicans are bitching about Biden either then?
This is terrible (Score:2)
The hack was so problematic that they called a *meeting*? Wow, that *is* serious.
Re: (Score:2)
Hope they put professionals in charge of security (Score:2)
But when the security managers propose two factor authentication, sandboxed accounts and multipl
Don't worry, the White House is on the case (Score:2)
They will fix everything with their usual competence. /s
MS Office 365 (Score:5, Informative)
Sorry everyone, I broke the rules and glanced at TFA, which tells us it's MS Office 365 that's been hacked into. Whoever it is has had tons of access to emails and documents for many months (that they're admitting to).
Yay, cloud! (Score:2)
This is a great time to realize what a great idea it was to move everything into the cloud. Cloud: because saving a few cents only costs dollars!
Re: (Score:2)
It was my hunch that the cloud aspect of 365 was the weak spot. Do you know if that's where they got in?
Sorry for the cynicism, but as usual, the articles I've found are scant on technical details. Not sure if they're just trying to minimize exposing weak spots, or what. I'm pretty sure the weaknesses are well known in the black hat community, and maybe they don't want to lose MS advertising $ by giving out more detail about yet another MS vulnerability.
Don't worry, they just got emails. (Score:3)