Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
SolarWinds Attackers Accessed DHS Secretary’s Emails — Report
#1
Quote:Suspected Russian hackers managed to access the emails of Donald Trump’s last Department of Homeland Security (DHS) chief, in an intelligence coup for the Kremlin, according to a new report.

AP spoke to more than a dozen current and former US officials to discover more about the impact of the infamous SolarWinds attacks, which compromised at least nine federal agencies.

Email accounts belonging to then-acting secretary Chad Wolf were reportedly compromised by attackers during the months-long campaign, although it’s not clear what information was taken. Email accounts belonging to cybersecurity staff whose job it was to tackle foreign cyber-threats were also apparently affected.

The report revealed that another cabinet secretary, the Energy Department’s Dan Brouillette, was affected by the attacks. However, only non-confidential schedules were apparently taken.

What emerges from the interviews with anonymous officials is frustration at the inability of government IT systems to first detect the attack, which was initially flagged by FireEye, and then understand the scale of the impact.

For example, the Federal Aviation Administration (FAA) first said it was not affected by the operation, then was forced to issue a second statement a few days later admitting that its investigations were continuing.

In the end it emerged the agency was breached by the attackers, but struggled for weeks to work out how many of its servers were running SolarWinds software, according to AP.

Tim Wade, technical director at Vectra, said the news about Wolf’s emails may not be as bad as it sounds.

“We should expect that, if followed, protocols related to information classification should have precluded more sensitive details from being directly accessible and exposed without a hostile, foreign actor first finding access and exfiltration channels on classified networks,” he argued.

“Nonetheless, even unclassified communication between sensitive parties can disclose a great deal of actionable intelligence — the concerns raised by this story should not be understated.”


Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Hackers Breach University of Manchester; School Says Attackers Likely Copied Data mrtrout 0 542 06-12-2023 , 10:39 PM
Last Post: mrtrout
  New macOS zero-day bug lets attackers run commands remotely mrtrout 0 606 09-21-2021 , 09:48 PM
Last Post: mrtrout
  ‘Educational’ ransomware program may instead become a how-to guide for attackers Bjyda 0 1,017 03-08-2021 , 11:09 PM
Last Post: Bjyda
  SolarWinds Incident May Bring Data Breach Notification Rules Bjyda 0 974 03-05-2021 , 12:05 AM
Last Post: Bjyda
  FireEye finds new malware likely linked to SolarWinds hackers Bjyda 0 1,341 03-04-2021 , 07:15 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)