FILE PHOTO: The SolarWinds logo is seen outside the headquarters on December 18, 2020 in Austin, Texas, USA. Reuters / Sergio Flores / File photo
October 7, 2021
Joseph Main and Christopher Byng
SAN FRANCISCO (Reuters) – Russian hackers suspected of infiltrating US federal agencies using SolarWinds and Microsoft software investigate intelligence measures, Russian sanctions policy, country’s response to COVID-19, information about people surveyed presented. I told Reuters.
The hack has been widely publicized since it was discovered late last year, and US officials blame Russia’s SVR foreign intelligence service. It denies the activity. However, little is known about the purpose and success of the detective.
The Securities and Exchange Commission is conducting a comprehensive investigation as some listed companies are hesitant to explain their exposures to 2021-09-10.
The campaign surprised the authorities with its stealth and carefully staged action. Hackers broke into the SolarWinds codewriting process to create widely used software for managing the network.
The group also took advantage of weaknesses in Microsoft’s method of identifying users in Office 365 and violated certain goals by using Microsoft software instead of SolarWinds.
It has previously been reported that hackers broke into unclassified Justice Department networks and read emails in the Treasury, Commerce and Homeland Security sectors. Nine federal agencies have been compromised. Hackers also use digital certificates to convince computers that software is allowed to run on the computer, and Microsoft https://www.reuters.com/business/solarwinds-hackers-studied. -microsoft-source-code-authentication-source code stolen from email. -2021-02-18 and other technology companies.
One of the people said the exposure of the counterintelligence issue being done to Russia was the worst of the damage.
A Justice Department spokesman did not respond to requests for comment.
White House officials said President Joe Biden has issued orders to improve the security of federal agencies, calling for more multi-factor authentication and greater monitoring of workplace equipment, among other things. ..
In the annual Threat Review paper https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi released Thursday, Microsoft said Russian spies were finally approved by the government. He said he was looking for the material. American methods to catch Russian hackers as well as other Russian-related policies.
Kristin Goodwin, general manager of Microsoft’s digital security unit, said they concluded from the types of customers and accounts they targeted. In such cases, she told Reuters, “then we can estimate operational objectives.”
Others working on the government’s investigation said they could look further into what the Americans used to search for digital files, including Russian “sanctions”.
Chris Krebs, former head of the US cyber defense agency CISA and now an advisor to SolarWinds and other companies, said the joint explanation of the attacker’s goals was logical.
“If I am a dangerous actor in the environment, I have clear goals. First, I want to get valuable information about government decision-making. Restriction policies matter a lot,” Krebs said.
The second is to know how the target reacts to the attack, i.e. “Counter Incident Response”. “I want to know what Target knows about me so that I can improve my trading craft and avoid detection.”
(Reporting by Joseph Main and Christopher Byng, edited by Peter Henderson)
Intelligence probe-sources where SolarWinds hackers stole data on US sanctions policy
Source Link Intelligence Investigation – Source where SolarWinds hackers stole data on US sanctions policy