Cyber attack on US government agencies infographic
Graphic shows how governments were hacked.
GN40901DE

TECH

Massive cyber attack on US government agencies

By Duncan Mil

December 18, 2020 - Following a global cyber-espionage attack that penetrated several US government agencies and private organisations, governments worldwide are now checking whether they too are among the victims.

The so-called supply chain attack targeted Texas-based SolarWinds, which provides its Orion Platform network monitoring services to government agencies and companies.

According to U.S. news sources, Russian group Cozy Bear carried out the attack. Cozy Bear -- also known as Advanced Persistent Threat 29, or APT29 -- works for the Russian Foreign Intelligence Service (SVR) as well as the Federal Security Service (FSB), the former KGB.

Hackers managed to access highly secure networks of 18,000 government and private computers between March and June when users installed updates of SolarWinds Orion software.

Backdoors in the software gave the hackers access to classified information, including internal emails at top government organisations. Among the U.S. government agencies affected is the Energy Department, which is responsible for managing U.S. nuclear weapons. Other agencies include the Pentagon, Department of Homeland Security, Commerce Department, Treasury Department, U.S. Postal Service and National Institutes of Health.

Although the breach started ten months ago, it was not discovered until U.S. cybersecurity company FireEye, which uses Orion, found it had suffered an attack in December.

“We looked through 50,000 lines of source code, which we were able to determine there was a backdoor within SolarWinds,” said Charles Carmakal, senior vice president and chief technical officer at FireEye’s incident response arm. After discovering the backdoor, FireEye alerted SolarWinds and law enforcement, Carmakal said.

The long lag between infection and discovery would have given hackers plenty of time to download vast amounts of classified information.

Sources
PUBLISHED: 18/12/2020; STORY: Graphic News; PICTURES: Getty Images