The DEFCON Warning System™

Ongoing GeoIntel and Analysis in the theater of nuclear war.  DEFCON Level assessment issued for public notification.  Established 1984.

Russian government hackers are behind a broad espionage campaign that has compromised U.S. agencies

Related Posts

Russian government hackers breached the Treasury and Commerce departments, along with other U.S. government agencies, as part of a global espionage campaign that stretches back months, according to people familiar with the matter.

Officials were scrambling over the weekend to assess the nature and extent of the intrusions and implement effective countermeasures, but initial signs suggested the breach was long-running and significant, the people familiar with the matter said.

The Russian hackers, known by the nicknames APT29 or Cozy Bear, are part of that nation’s foreign intelligence service, the SVR, and they breached email systems in some cases, said the people familiar with the intrusions, who spoke on the condition of anonymity because of the sensitivity of the matter. The same Russian group hacked the State Department and the White House email servers during the Obama administration.

The FBI is investigating the campaign, which may have begun as early as spring, and had no comment Sunday. The victims have included government, consulting, technology, telecom, and oil and gas companies in North America, Europe, Asia and the Middle East, according to FireEye, a cyber firm that itself was breached.

The Russian Embassy in Washington on Sunday called the reports of Russian hacking “baseless.” In a statement on Facebook it said, “attacks in the information space contradict” Russian foreign policy and national interests. “Russia does not conduct offensive operations” in the cyber domain.

All of the organizations were breached through the update server of a network management system made by the firm SolarWinds, FireEye said in a blog post Sunday.

The federal Cybersecurity and Infrastructure Security Agency issued an alert Sunday warning about an “active exploitation” of the SolarWinds Orion Platform, from versions of the software released in March and June. “CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures,” the alert said.

Read more at MSN

Picture of Ellen Nakashima, Craig Timberg

Ellen Nakashima, Craig Timberg

Leave a Reply

Ongoing Geointel and Analysis in the theater of nuclear war.

Our Profile

Opportunity

Legal

Get Updated

© 2024 The DEFCON Warning System. Established 1984.

The DEFCON Warning System is a private intelligence organization which has monitored and assessed nuclear threats by national entities since 1984. It is not affiliated with any government agency and does not represent the alert status of any military branch. The public should make their own evaluations and not rely on the DEFCON Warning System for any strategic planning. At all times, citizens are urged to learn what steps to take in the event of a nuclear attack.

Forum