[Update] UHS Ransomware Attack 2020: Company Still Not Confirming Cyber Attack; May Take Days Before Getting Back Online

Tech Times

2021-01-22 03:16:29

• Report: Massive cyberattack on US gov’t came from within US at hands of suspected Russian hackers

  The suspected Russian hackers behind the recently discovered hack of IT contractor SolarWinds’ Orion software tools may have started their hacking efforts from within U.S. servers, allowing them to better avoid detection by U.S. cyber defense systems. FireEye, a private cybersecurity firm, told the New York Times that the hackers...Read Full StoryForeign HackersCyberattackNsaHacking AttacksCyber AttacksCyber SecurityMalwareThe New York TimesNSADHSSolarWinds OrionThe U.S. Cyber CommandRussian HackersCyber VulnerabilitiesU.S. Government NetworksMark WarnerEinstein

• Russian Cyberattack: It will take a long time to understand, perhaps years, experts say

  A long and tedious job is waiting for U.S. government researchers to try to understand the depth and veracity of the suspected Russian cyber-attack on several government institutions. Dan Hoffman, a former CIA chief of station at three agency outposts, described the incident as a 'massive intelligence failure' for U.S....Read Full StoryCyberattackPoliticsCyber AttacksCyber SecurityU.S. IntelligenceSecurity VulnerabilitiesCIAThe Russian EmbassyReutersCYBERSECURITYStateTrumpRussiansFake News MediaMSNBCVladimir PutinMike PompeoMitt RomneyChuck ToddJoe BidenMark WarnerMark Levin

• Senate Democrat says cyberattack on Treasury 'appears to be significant'

  Sen. Ron Wyden (D-Ore.) said on Monday that a cyberattack at the Department of Treasury reported by media outlets last week “appears to be significant.”Wyden, the ranking member of the Senate Finance Committee, released the statement after the committee’s staff was briefed by the Treasury Department and the IRS about the hack of the IT company SolarWinds. The Oregon senator said the IRS reported “no evidence that IRS was compromised or taxpayer data was affected,” but he added, “The hack of the Treasury Department appears to be significant.”“According to Treasury staff, the agency suffered a serious breach, beginning in July, the full depth of which isn’t known,” Wyden said. “Microsoft notified the agency that dozens of email accounts were compromised.”“Additionally the hackers broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials,” he added. “Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.”Wyden then slammed government officials who have been “advocating for encryption backdoors, and ignoring warnings from cybersecurity experts who said that encryption keys become irresistible targets for hackers.” The Oregon Democrat’s statement follows reports from media outlets that several federal agencies were hacked this year through the cyberattack on SolarWinds. According to The Washington Post, the cyberattack was conducted by a Russian military intelligence group called “Cozy Bear.”Last week, the Cybersecurity and Infrastructure Security Agency gave an emergency order for federal departments to stop using SolarWinds products. Wyden and Senate Finance Committee Chairman Chuck Grassley (R-Iowa) requested the IRS brief the committee on whether sensitive taxpayer information was suspected to have been leaked in the hack. Wyden also partnered with Senate Banking Committee ranking member Sherrod Brown (D-Ohio) to call on Treasury Secretary Steven Mnuchin to provide more information on the breach of the department.CyberattackPoliticsTreasury OfficialsIRS OfficialsDemocratD-OreThe Treasury DepartmentSolarWindsMicrosoftDepartmental OfficesThe Washington PostRussianSenate Banking CommitteeTreasury StaffTaxpayer DataRon WydenChuck GrassleySherrod BrownSteven Mnuchin

• China knocks Trump over suggestion it was behind cyberattack

  A spokesman for China's foreign ministry is dismissing President Trump 's assertion that Chinese agents could have been involved in a wide-ranging cyberattack that struck several U.S. government agencies. Russia is widely suspected of carrying out the hack, and Secretary of State Mike Pompeo and Attorney General William Barr have...Read Full StoryU.s. Commerce DepartmentCyberattackWang WenbinPoliticsCyber SecurityChinaRussiaStateTwitterThe Associated PressTreasuryDemocratsRepublicansPresident TrumpCybersecurity IssuesMike PompeoWilliam BarrDonald Trump

• 'They potentially have the capacity to cripple us': Romney raises alarm about cyberattack tied to Russia

  Sen. Mitt Romney, R-Utah, raised concerns about a recent cyberbreach that has compromised vast swaths of the federal government, as well as the security of major corporations, think tanks and other key American institutions. "It is an extraordinary invasion of our cyberspace," Romney told NBC News' "Meet the Press" Sunday. "I mean, they basically have the capacity to know what we're doing. They even got into the agency that's responsible for our nuclear capacities, for our research with regards to nuclear weaponry." The Cybersecurity and Infrastructure Security Agency (CISA), the nation's top digital command, warned that multiple federal agencies and “critical infrastructure” were compromised in the attack. Republican Senator from Utah Mitt Romney speaks to reporters outside the Senate Chamber at the US Capitol in Washington, DC, on September 21, 2020. NICHOLAS KAMM, AFP via Getty Images Mixed Messaging: Pompeo says Russia 'pretty clearly' behind cyberattack on US, but Trump casts doubts and downplays threat Dozens of federal agencies, most Fortune 500 companies and other private sector firms, as well as utilities and infrastructure across the country, also were compromised in what officials are calling a “grave risk” to national security. While each institution is now scrambling to patch up its networks after the news, it is still possible that hackers placed further vulnerabilities in systems that will need to be discovered. Cybersecurity attack: 5 things you can do right now to protect yourself Explainer: What you need to know about the Solarwinds, FireEye hack Fact check: Syringes with RFID technology track vaccines, not recipients "This is an extraordinarily damaging invasion, and it went on for a long, long time," Romney said. The attackers infiltrated federal computer systems through a common piece of server software offered through a company called SolarWinds. The hack was likely perpetrated by Russian-backed agents, according to national security officials . The news has renewed calls for a more forceful U.S. digital posture against the country's geopolitical rivals. "I think we have to be much more serious about our cyber capabilities – offensive and defensive. I think we have to have a rethink about that at the Department of Defense, as well as our other agencies," Romney said. "And I think we have to have a very clear-eyed approach to how we deal with Russia going forward." Reports: Trump suggested naming Sidney Powell as special counsel on election in Oval Office meeting In November, President Donald Trump fired CISA chief Chris Krebs for denouncing claims that the 2020 election was compromised by foreign actors. Officials at the departments of Commerce, Energy, Homeland Security, Treasury and the National Security Council also acknowledged that their systems were breached. Officials have widely called it the worst and most wide-reaching hack in American history. "You can bring a country to its knees if people don't have electricity, don't have water and can't communicate," Romney said. "What Russia appears to have done is put themselves in those systems in our country. They don't need rockets to take those things out. Federal Courts: Biden's impact on judiciary may be limited despite liberals' talk of 'court-packing' "They potentially have the capacity to cripple us economically. They went to our businesses. They have the potential to also cripple us with regards to our water and electricity and so forth. So, this is very, very serious." While many analysts and national security officials have stressed the danger of the security vulnerability, the Trump administration has sent mixed messages on its severity. Changing World: Even Trump's fiercest critics say he may have gotten some world affairs right Transition 2020: Biden signals sharp pivot from Trump's unconventional foreign policy with pick of insider Antony Blinken Secretary of State Mike Pompeo said in an interview on The Mark Levin Show that the breach was a "very significant effort" that was "pretty likely" perpetrated by Russia. President Trump has downplayed the revelations, insisting that “everything is well under control." Romney condemned the "inexcusable silence and inaction from the White House" on the breach during an interview with Sirius XM . In his "Meet the Press" interview, Romney called Trump's comments a "disappointment" but said it was typical of a president who “doesn’t want to recognize Russia for the problem that they are." President-elect Joe Biden also has condemned Trump's comments and has promised a potent response from the incoming administration. Coronavirus: Here are the top US government officials who have received the coronavirus vaccine “A good defense isn’t enough; we need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” Biden said Thursday. “I will not stand idly by in the face of cyberassaults on our nation.” On current U.S. policy, Romney observed that “Russia acted with impunity” because Moscow "didn't fear what we would be able to do from a cyber capacity." The senator argued that the provocation "demands a response" but wasn't sure "if we have the capacity to do that in a way that would be of the same scale or an even greater scale." This article originally appeared on USA TODAY: 'They potentially have the capacity to cripple us': Romney raises alarm about cyberattack tied to Russia Washington , DcCyberattackPoliticsCybersecurity ThreatCyber SecurityCyber AttackNuclear AttackForeign HackersAmericanNBC News 'CISAThe Senate ChamberAFPRFIDSolarWindsMitt RomneyDonald TrumpMike PompeoJoe Biden

• Senators, experts confident Russia behind cyberattack despite Trump skepticism

  © Greg NashSenators and cybersecurity experts on Sunday reacted to the cyberattack on federal agencies, the role of Russia and what level of retaliation is appropriate."I would echo what Secretary Pompeo has said and [Sen.] Marco Rubio [R-Fla.] has said: all indications point to Russia. Matter of Fact, FireEye, one of the nation's top cybersecurity companies who got hacked, they also indicted Russia," Sen. Mark Warner (D-Va.), the top Democrat on the Senate Intelligence Committee, said on ABC’s “This Week.”"This attack also shows when a nation state brings their best tools to the table, it's very tough for any government agency or company for that matter to keep them out,” he said.President Trump , however, has expressed skepticism about Russia’s culpability for the attack, suggesting on Saturday that China could be responsible and accusing the media of refusing to discuss the possibility “for mostly financial reasons.”"This is extraordinarily serious, and when the President of the United States, either tries to deflect or is not willing to call out the adversary as we make this attribution, he is not making our country safer," Warner told ABC’s George Stephanopoulos .Sen. Mitt Romney (R-Utah) sounded a similar note, saying on CNN’s “State of the Union” that a response of “like magnitude or greater” is warranted."This is the same thing you can do in a wartime setting, so it's extraordinarily dangerous, and an outrageous affront on our sovereignty and one that's going to have to be met with a strong response," Romney told CNN’s Jake Tapper .The Utah senator suggested Trump is reluctant to blame the Kremlin for the attack due to a “blind spot” on the subject of U.S.-Russia relations.Romney made similar comments to NBC’s Chuck Todd , saying “[t]he reality here is that the experts, the people who really understand how our systems work and how computers work and software and so forth, the thousands upon thousands at the CIA and the NSA and the Department of Defense, have determined that this came from Russia.”“I'm not going to psychoanalyze the president. But I think he feels that anything that suggests that Russia is being malevolent or not treating him with the respect he deserves, why, he obviously backs away from that,” he added on "Meet the Press."Christopher Krebs, the former head of U.S. cybersecurity, told Tapper he would be “very careful with escalating this” and that there should be a “conversation among like-minded countries” about the appropriate response to cyber-warfare.Krebs echoed the conclusion that Russia was responsible, saying the Kremlin’s intelligence service is “exceptionally good at it” and blaming what he said were outdated systems still in use across U.S. agencies.Trump fired Krebs as head of the Cybersecurity and Infrastructure Security Agency shortly after he contradicted the president’s unsubstantiated claims about widespread voter fraud, saying the 2020 election was the most secure in American history.NsaCyberattackPoliticsRubio FederalRussiaUnited States SenateU.S. SenatorsU.S. SenateDemocratABCCNNKremlinNBCCIANSAMarco RubioMark WarnerGeorge StephanopoulosMitt RomneyJake TapperChuck Todd

• Pompeo blames Russians for massive cyberattack

  Secretary of State Mike Pompeo has blamed Russia for a massive cyberattack, saying 'it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity.' He said 'there was a significant effort to use a piece of third-party software to essentially embed...Read Full StoryClassified InformationCyberattackCyber EspionagePoliticsCyber AttackMassive AttackRussiansCBS NewsMicrosoftKremlinEnergyHomeland SecurityThe Treasury DepartmentFBIU.S. Government SystemsMike PompeoCatherine HerridgeEric O'neillJoe BidenMark Levin

• 'We can say pretty clearly' Russia was behind massive cyberattack on US, Pompeo says

  (CNN) — Secretary of State Mike Pompeo on Friday said it's pretty clear Russia was behind the massive cyberattack on US federal government agencies, publicly linking Russia to the data breach as the President has remained silent on the matter. 'This was a very significant effort, and I think it's...Read Full StoryCyberattackPoliticsCyber SecuritySecurity BreachRussian GovernmentData SecurityCNNRussiansThe White HouseAmericanReutersTreasuryThe Commerce DepartmentSolarWindsFireEyeMike PompeoDonald TrumpKaitlan CollinsJason Hoffman

• Pompeo blames Russia for massive cyberattack on U.S., other countries

  It may take months before the U.S. and other nations can determine the extent of the damage done by a widespread cyberattack. The breach is believed to be the work of Russian hackers, and went undetected for months. The Kremlin denies any involvement, but Secretary of State Mike Pompeo blamed Russia for the attack on Friday. Catherine Herridge reports on the investigation.Read Full StoryCyberattackU.sU.S.Massive AttackKremlinRussian HackersSecretaryMike PompeoCatherine Herridge

• Agency overseeing U.S. nuclear weapons targeted in suspected Russian cyberattack

  U.S. officials says a massive cyberattack, discovered a week ago and blamed on Russia, was far more wide-reaching than previously thought, CBS News' Catherine Herridge reports. The government's top cybersecurity agency says the hack compromised critical federal infrastructure, and according to reports, the breach struck at least seven government agencies...Read Full StoryCyberattackPoliticsCyber SecurityCyber AttackNational SecurityIntelligence AgenciesU.S. AgenciesCBS News 'The Department Of EnergyRussiansPrincipleSolarWindsThe White HouseThe Washington PostMicrosoftCatherine HerridgeMitt RomneyVladimir Putin

• Phishing cyberattack targets COVID-19 vaccine supply chain

  (Michael Bocchieri/Getty Images)Organizations that are part of the COVID-19 vaccine supply chain have been the victims of a global phishing campaign that set out to steal information, according to Axios.Security Intelligence reports that IBM Security X-Force, a threat intelligence task force, discovered a phishing campaign targeting organizations on the COVID-19 cold chain. The cold chain is part of the vaccine supply chain that ensures the safe preservation of vaccines in temperature-controlled environments. The campaign targeted executives and key global organizations. Security Intelligence reports this attempted theft has the characteristics of nation-state tradecraft. IBM Security X-Force revealed what went into the phishing campaign.The group impersonated executives from Haier Biomedical, a credible company that is part of the COVID-19 vaccine supply chain. The group sent out emails to organizations that are believed to provide material support for the transportation of the vaccines that required receivers of the email to input their login credentials. The assessment of the campaign states the goal may have been to harvest these credentials in order to gain future unauthorized access into these networks. With this access, the group could gain insight into the communication within these organizations and also the infrastructure governments will use to distribute the vaccine. The New York Times reports that the leading candidates behind this operation are North Korea and Russia. X-Force doesn’t believe that these attacks are from rogue cybercriminals due to the lack of immediate cash payout. It is more likely these activities would be state-sponsored given the lack of monetary reward and time required to pull the campaign off. James Lewis, who runs the cybersecurity programs at the Center for Strategic and International Studies in Washington, thinks that this may be the precursor to a ransomware attack. He believes that hackers might interfere with the distribution of vaccines and essentially hold them hostage until they receive a large payment. “There is no intelligence advantage in spying on a refrigerator,” Lewis said. “My suspicion is that they are setting up for a ransomware play. But we won’t know how these stolen credentials will be used until after the vaccine distribution begins.”Another theory is this an IP theft- a group wanting to gain secrets into how to transport the vaccine. Targets of the campaign include The European Commission’s Directorate-General for Taxations and Customs Union, companies involved in solar panels used to power the refrigerators, and software development companies in South Korea and Germany connected to pharmaceutical manufacturers. The New York Times reports there is no indication the attacks were focused on Pfizer or Moderna. Follow me to see more articles like this....FollowPhishingCyberattackCovid-19North KoreaHackersSecurity SoftwareAttack SoftwareSoftware CompaniesVaccine DevelopmentAxiosSecurity IntelligenceIBM Security X-ForceHaier BiomedicalThe New York TimesDirectorate-General