Politic?

This is a blog dedicated to a personal interpretation of political news of the day. I attempt to be as knowledgeable as possible before commenting and committing my thoughts to a day's communication.

Wednesday, January 13, 2021

Pride Goeth Before A Fall : U.S.Cyber Security

"At this point, the number of potentially accessed O365 mailboxes appears limited to around three-percent"
"We have no indication that any classified systems were impacted."
Marc Raimondi, spokesperson, U.S.Department of Justice
158214905.jpg
A US Department of Justice seal is displayed on a podium during a news conference. (Photo by Ramin Talaie/Getty Images) 
 
The U.S. Department of Justice revealed on January 6 that it too had been infiltrated by malign hackers, presumed to be in service to the Russian Federation. They now are among other key government departments and institutions of the United States of America who have had the gross misfortune to have been cyber-hacked, their anti-hacking systems obviously not up to par, enabling foreign governments to access classified documents, secret data not meant to be seen by any foreign agents. These infiltrations are long in the tooth, estimated to have taken place a full nine months earlier, able to extract at their leisure the data they want, and to leave behind little gifts of intrusively wicked software.

The list of those government departments and American corporations impacted by this hugely successful cyber-hacking is both impressive in its scope and beyond alarming in its potential fallout, leaving the United States at the mercy of a malignant actor should it wish to use what it has extracted for malevolent purposes and there is no reason to suppose it might not. The very width and breadth of the cyber-operation speaks of its ambition and ruthless capability. The question burning in everyone's mind is what the ultimate disposition of the gathered intelligence will represent?
  • The US Treasury Department
  • The US Department of Commerce's National Telecommunications and Information Administration (NTIA)
  • The Department of Health's National Institutes of Health (NIH)
  • The Cybersecurity and Infrastructure Agency (CISA)
  • The Department of Homeland Security (DHS)
  • The US Department of State
  • The National Nuclear Security Administration (NNSA)
  • The US Department of Energy (DOE)
  • Three US state governments
  • City of Austin
  • Many hundreds more, such as Cisco, Intel, VMWare, and others.
"The installation of this malware created an opportunity for the attackers to follow up and pick and choose from among these customers the organizations they wanted to further attack, which it appears they did in a narrower and more focused fashion. While investigations (and the attacks themselves) continue, Microsoft has identified and has been working this week to notify more than 40 customers that the attackers targeted more precisely and compromised through additional and sophisticated measures."
"While roughly 80% of these customers are located in the United States, this work so far has also identified victims in seven additional countries. This includes Canada and Mexico in North America; Belgium, Spain and the United Kingdom in Europe; and Israel and the UAE in the Middle East. It’s certain that the number and location of victims will keep growing."
Microsoft
world map
 
Initially, problems came to light with a classic textbook supply chain attack, when computer users downloaded an update for network monitoring software, a Solar Winds product from a company with an enormous consumer base. Solar Winds was the original victim when hackers implanted malicious code into its software updates, thus creating a backdoor access into its tens of thousands of customers' networks. The hack was operational and unnoticed for nine months. 

Solarwinds app shown on a phone
EPA
Cybersecurity company FireEye and three federal agencies; the Department of Commerce, Energy and Treasury had in mid-December admitted publicly that they were seriously affected. Also vulnerable was the office of Secretary of State and Homeland Security. Solar Winds has updated its software, but that accomplishes nothing to ameliorate the incalculable damage done to government agencies and private institutions through this unique-in-scope-and-duration hack. "Just because you closed the intrusion doesn't mean that you solved the problem", Neil Jenkins, chief analytic officer of the Cyber Threat Alliance observed, of an attack that went undetected for nine months.

Those affected organizations have two unappealing options before them, quite apart from being in the dismal dark over what they've lost and what the future will bring with respect to the impact of the cyber breach. Corrective action on their systems will allow them a choice between endlessly, frustratingly searching manually through their computers hoping they might be able to eradicate all imprints left by the hackers or the selecting the tedious choice of abandoning the mess they've been left with, and rebuilding from stage one onward. 

Few of those affected by the cyber breach are prepared to admit how badly their operations may have been maimed. Not only is it embarrassing that their security was breached and even more so that there was no discovery and rectification until so many months had passed, and they still would not have realized the breach and the damage had not an incidental discovery been made of a malfunction traced to Solar Winds. To disclose publicly the extent of the carnage to their systems would represent a self-harming disclosure.
"The coming months will present a critical test, not only for the United States but for other leading democracies and technology companies. The weeks ahead will provide mounting and we believe indisputable evidence about the source of these recent attacks. It will become even clearer that they reflect not just the latest technology applied to traditional espionage, but a reckless and broad endangerment of the digital supply chain and our most important economic, civic and political institutions. It is the type of international assault that requires the type of collective response that shows that serious violations have consequences."
"If there is a common lesson from the past few years, it’s the importance of combining ongoing learning with new innovations, greater collaboration, and constant courage. For four centuries, the people of the world have relied on governments to protect them from foreign threats. But digital technology has created a world where governments cannot take effective action alone. The defense of democracy requires that governments and technology companies work together in new and important ways – to share information, strengthen defenses and respond to attacks. As we put 2020 behind us, the new year provides a new opportunity to move forward on all these fronts."
Microsoft
Federal Cybersecurity and Infrastructure Security Agency head, Chris Krebs had been criticized by the Homeland Security Department's watchdog for "poor intelligence sharing with its private and public partners and weak information security for its own system". General Paul Nakasone, head of the National Security Agency and the U.S. Cyber Command had stated back in February of 2020 that U.S. teams were "Understanding the adversary better than the adversary understands themselves."
 
The Foundation for Defense of Democracies, a think-tank based in Washington has suggested a strike-back by the United States, engaging in hacking and releasing information about President Vladimir Putin's personal wealth to shame him for the digital attacks against the United States. On December 27 Mr. Putin gave praise to the work of SVR officials: "extremely important"work, given "the difficult professional operations that have been conducted". There isn't much that Mr. Putin feels shame for and acquiring personal wealth surely isn't one of those incidentals for which he would feel shame.
 
cybersecurity chart

Labels: , , , , ,

posted by Pieface | 8:15 PM

0 Comments:

Post a Comment

<< Home

() Follow @rheytah Tweet