According to FireEye, a top Silicon Valley cybersecurity company, hackers broke into the network during the software update. FireEye is the first call for U.S. government agencies that need to detect and prevent major cyber attacks. The company said that the hackers used “novel techniques” to breach the network and that these techniques could pose a new threat to the world. It was only a few days ago that the U.S. warned the nation’s cybersecurity department that cyber actors linked to the Russian government are trying to manipulate sensitive data.
After FireEye was attacked by this “global intrusion campaign”, many experts, including the company itself, suspect that Russian hackers are responsible. The U.S. government hasn’t publicly identified Russians as the hackers. But the fact that, a few days ago, foreign government hackers broke into FireEye’s network and stole its own hacking tools makes everything very shady.
How badly can it affect the U.S.?
Yesterday, FireEye published a blog post saying that it has identified a global campaign that introduces a compromise into the private and public networks of targeted organizations through the software supply chain. It further said that “This compromise is delivered through updates to a widely-used IT infrastructure management software – the Orion network monitoring product from SolarWinds.”
If the nation responsible, most probably the Russians, was able to successfully plant this compromise in the network, this will shake the security system of the United Nations. SolarWinds Corporation sells technology products to a Who’s Who list of sensitive targets. Its customers form a vast network that includes the State Department, the Centers for Disease Control and Prevention, the FBI, the U.S. military, most Fortune 500 companies, and many more. This is a very intense situation, as the vulnerable information of a nation’s major security departments and of multinational companies is involved.
FireEye further reports that these hackers hit organizations not only in the U.S. but also in Europe, North America, Asia, and the Middle East. They mainly target the government sector, the telecommunications industry, oil and gas, and others. The U.S. government has been made aware of the entire situation. John Ullyot, a spokesperson for the National Security Council, said that the government is taking all the necessary steps to remedy any identified damage. Currently, the FBI and the Department of Homeland Security’s cybersecurity arm are investigating the matter.
Focus on the U.S. government
According to Reuters, the attack involved the hackers snooping on the emails of the U.S. Treasury Department and a part of the Commerce Department. According to some experts, these hackers are backed by the Russian government itself. A thorough analysis by FireEye showed that this campaign has targeted the U.S. government and beyond, involving top-tier operational tradecraft and resourcing companies, from the spring of 2020.
These hackers are very efficient and they rarely leave tracks behind. It is possible that the hackers saw an advantage in the timing, as the American government agencies, including FireEye, were all focused on securing the servers for the presidential election. This is not new, as the Russians also targeted the election system in 2016. The 2016 hack was known as the biggest cybersecurity theft and the group remains unidentified.
For several months the U.S. government has been focusing on detecting and countering Russian interference in the nation’s presidential election. Though the government agencies were quite successful in creating stronger cybersecurity, a senior director at FireEye said that “it is the most effective cyber-espionage operations we have seen in quite some time.”
A proper investigation by the FBI
The number of casualties is increasing due to the compromise in the networks. SolarWinds said that one of the software update systems for a particular product was used to send malware to its customers. Since the product was manipulated, the number of victims will eventually run into the thousands. As of yesterday, the company was aware of 25 entities that were affected by the update system.
The investigators are trying to trace the digital tracks of these hackers. While investigating, they discovered that FireEye was the first victim to spot this breach in the network. This means there are possibly many victims whose servers have already been compromised. It will take days and weeks to estimate the damage already caused by these hackers. According to the Washington Post, a Russian hacking group known as Cozy Bear is behind this campaign.
Annasha Dey is an NIT student, who apart from studying engineering is also a content writer. She has a great interest in photography, writing, reading novels, and travelling as well. She is a foodie who loves socializing and hanging out with her friends. She is also a trained Kathak dancer and a big fashion enthusiast. Dey also loves watching TV series, which includes F.R.I.E.N.D.S. and Big Bang Theory. To be a better writer she prefers to read more