Cyber attack report on U.S. Treasury
Hackers backed by a “foreign government” have breached computer systems in both the U.S. Treasury and the Commerce Departments. Whoever it was *coughChina* has been reading emails from both organizations for quite a while now, accessing the data via MS Office 365. Thanks, Bill Gates.
Skippy sends.
White House confirms cyberattack report on U.S. Treasury by foreign government
The NSA met with the White House on Saturday regarding the matter
By Lucas Manfredi
The U.S. government has acknowledged reports that hackers backed by a foreign government have breached the U.S. Treasury Department and an agency within the Commerce Department.
“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” National Security Council spokesman John Ullyot told FOX Business in a statement.
According to Reuters, the elaborate cyber hack was launched on the Treasury Department as well as the Commerce Department’s National Telecommunications and Information Administration, or NTIA, a U.S. agency that is tasked with crafting internet and telecommunications policy. Sources told the outlet that the hack was so serious it led to a National Security Council meeting on Saturday.
Hackers reportedly used the organization’s Microsoft Office 365 platform to monitor staff members’ emails for months.
A Treasury Department spokesperson deferred comment to the NSC. A spokesperson for the Commerce Department confirmed the breach, adding that it has “asked CISA and the FBI to investigate” but declining to comment any further. A Microsoft spokesperson declined to comment to FOX Business.
Read the rest of the article here: Fox News
Thanks, Skippy.
Not just Treasury and Commerce – parts of the Pentagon, DHS and State were also apparently hit, others are suspected, like DOJ. I’d bet more were hit, too, but we’re not going to hear about some of them.
https://www.nytimes.com/2020/12/14/us/politics/russia-hack-nsa-homeland-security-pentagon.html
It was a very skilled attack, bypassing MFA (Multi-Factor Authentication) mechanisms by compromising the arbiter of those requests, and the probes were hidden within a security scanner software. Basically, they compromised the very software used to secure the networks. Oops!
https://www.nytimes.com/2020/12/14/us/politics/russia-hack-nsa-homeland-security-pentagon.html
https://www.wired.com/story/russia-solarwinds-supply-chain-hack-commerce-treasury/
And more, Skippy sends.
https://justthenews.com/government/security/pentagon-imposed-emergency-shutdown-computer-network-handling-classified
SIPRNet shut down.
Doesn’t matter. When bidet takes over he’ll tell them everything they want to know. I will bet right now Chinese hackers are like “shit man, bidet won? well, there goes our jobs.”
“Bidet” A useful item. Had one in the last place- could always tell if one of MrsAW1’s friends were first time users by the surprised yelp coming from the head. Try warm water next time, Ma’am.*grin*
Xiden
Bai Din…
Only surprise I got is we found out about it. Not like they just started this sh^t.
Trump’s last Executive Act should be to deport every Chinese Communist and arm the ROCs to the teeth.
Guess y’all saw the blurb about the Chinese Communist professor that only got “time served” for his spy game? When ya gonna learn, the Chinese Communists are NOT our friends. Period!
Time for another round of Hack the VA. Been a while.
So they can get into all these agencies, but didn’t / couldn’t compromise voting machines that they had a hand in designing… RIIIIIIIGHT…
https://youtu.be/4p8Aq5BM9io
Yep. I’ll just leave this here.
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
It’s worth noting that that story is viewed with a great deal of skepticism by most in the cybersecurity realm:
https://www.servethehome.com/investigating-implausible-bloomberg-supermicro-stories/
This isn’t to say China doesn’t do, or at least, supply-side shenanigans, but this seems implausible as written.
Not where I work…not only are we convinced, we have seen this type of thing first hand.
But then, I’ve only worked in the field about 10 years…a relative newb for real!
This type of thing being.. what? Supply-side hacks? Absolutely. A stealthily modified BMC, taking over powered-off systems and transmitting sensitive, encrypted data from RAM that it doesn’t even have the pins or power to access, through a stateful firewall to some Chinese intermediary all without detection? Laughable.
It’s also worth noting that none of the FBI, NSA, DHS or counterparts in the UK have seen any evidence of this, which you’d think would be of intense interest to them. Then there’s the lack of traffic this would involve, which experts mention. And even the ‘experts’ in the Bloomberg article don’t agree with its conclusions.
But hey, despite the security heads in national intelligence and key business partners saying, “Nah, it didn’t happen”, we’ve got you and your ten years… guess you gotta be right.
Is this type of action (supply interdiction for hacking) taken? Yes. Was this done? Not bloody likely.
I’m pretty much useless when it comes to computers. PEBCAK pretty much sums me up when it comes to computers.
Can you break it down Barney style?
My take away from that article is hardware hack. No idea about the specifics.
From my very limited “knowledge” it would seem a hardware hack could be more effective than intrusion from the outside.
What about the article is questionable?
I think my reply is either caught up in moderation (possibly for length), or got eaten. Or, you know, the Chinese hacked it.
I’ll try replying again later if it doesn’t show up.
Try #2 – I’ll split this in two, in case it’s the length that’s an issue:
Imagine a sensational article that talks about the best sniper in the armed forces. He apparently made a shot at a range of 3km. This is really fucking good, but not outside the realm of possibility – a JTF-2 sniper hit a longer shot. But still, it’s pretty damn skillful.
That’s the ‘base’ story here – a really skillful ‘hack’ would be covertly replacing or adding a chip to a computer that could secretly read from memory, and send it to a network. This is plausible, even if it requires incredible skill and top-notch gear.
The problem comes in when the details come into focus – if the article about the sniper said he made a 3KM shot with a handgun, you’d immediately be awfully suspicious, since handguns don’t have that kind of range. In computer hardware, the memory chips (RAM) that the ‘hack’ allegedly read have far too many pins for a small circuit like the novel hardware to handle. It literally couldn’t ‘reach’ that memory. Some of it? Maybe, but then it would require quite a bit of processing power – and that amount couldn’t fit into the small package. If the sniper dismisses all of this by saying he got a special, never-seen-before type of handgun from China, with better technology than the US has, you’d still rightly be suspicious.
(more)
Next, you hear that to get his shot, the sniper had to sneak into enemy territory, transmit sitreps frequently, but despite advanced, full-spectrum monitoring of comms by an advanced enemy, nobody ever noticed a thing. Big companies like AWS and Apple had sophisticated monitoring of their networks, and logs of traffic, and their security experts would take a dim view of unknown traffic to unauthorized locations. Now, a good hack likely wouldn’t route things directly to China, they’d send it to some intermediary they controlled. This is like if you’re a Chinese spy and get your hands on some carefully controlled information, you don’t go to your local post office and send things directly to the Ministry of State Security in Beijing. You’d send it to a ‘friend’ in Topeka, Kansas or something, who’d send it on. Nevertheless, that’s going to get flagged in a high security area.. and in a high security network.
So, at this point, you’re reasonably suspicious of the sniper’s claims and so you ask for his military records… and the military says, “Who?”. That’s the input here from the FBI, NSA, DHS, GCHQ, Apple, Amazon and a large variety of experts.
At the end of the day, is it possible there’s a secret-squirrel sniper who hit a 3K shot with a handgun using custom hardware, despite nobody hearing of him, seeing him, etc? Sure, in the same way it’s possible Elle MacPherson is going to swing by my place tonight and ask for a fun time. And, like that, if I’m chatting with my friends, I might tell a tall tale about how she totally did… but it defies reason, and seems awfully unlikely.
Does that help at all? In short, the base claim is fine. And yes, a hardware hack has great potential since it bypasses OS security and security wipes. But as soon as you dig into the details, it becomes deeply implausible as stated.
Fat chance of Elle M. swinging by your place tonight.
I filled her in on what you’re like before she left here this morning…
Thanks LC. It’s an area that I don’t know anything about. Your explanation makes sense.
What is interesting about this hack is not who got hit, but how it was done.
A vendor to SolarWinds inserted malicious code into their Orion management tool.
The keys to the kingdom reside in such tools…access to everything to monitor, administrate, and maintain the enterprise.
This is why supply chain management is no joke, but is so very difficult.
What is even better, FireEye was also compromised and lost their hacking tools to the actor.
Attacks like this have long lead times and require trusted insiders to achieve. I’m sure SolarWinds had never had any reason to suspect their code suppliers. But the code was not systematically checked and this happened.
BTW, Trump firing the CISA director last summer is related to the failure of CISA to even begin addressing IT supply chain security in a systematic way.
Cybersecurity is hard but attacking is relatively easier. Security has to be right all of the time, but the attacker only has to be right once.
It is also important to note that Bill Gates’ love of lockdowns is really rooted in MS sales. More remote work means more money for his stock value. But, more remote workers add immeasurably to the complexity of what is being defended, increasing attack surface geometrically compared to being in office. Either way, Gates gets richer.
SolarWinds. Hmmm. Haven’t we heard that name somewhere else recently?
China is showing Biden and Congress
Who’s the Boss
No surprise here.
A million bucks says nothing is done
Except it’s Russia here, not China.
It’s China. Follow the supply chain. Russia has other targets that are far more…lucrative.
The articles, and sources, all say Russia for this.
China certainly tries this sort of stuff, too, but by all credible accounts, this one was Russia.
And where did they get the technical knowledge to do it? Hmmm???
Hmmm !!!!!
China !!!!
Bullshit
Per several people I know in the tech industry
This is CHINA all the way. And has been for the last
20 years !!!!!
Don’t forget he still thinks China isn’t communist.
Good grief:
https://valorguardians.com/blog/?p=108371#comment-3343099
Now, go on, explain to me how China’s economic system amounts to public ownership and control of production? I’ll eagerly await any mental gymnastics you attempt.
Politically is a different story.
Simple. If the state wants it, the state takes it. That means at best everyone else is a tenant. Go against the party and go to a re-education camp.
Oh, well, gosh. If you know several people in tech who feel it’s China, how could one ever dispute that?
Except, you know, for all the national security officials and industry experts weighing in saying it’s likely Russia.
Let’s blame Russia
For everything
Typical Democrat
Talking point
I’m off the Kool-Aid
Sorry
They only want to scream “Russia, Russia!!” so they can cover for the Chicoms, the real threat, but ultimately their paymasters.
Yes, noted liberal outlets like the WSJ and Mike Pompeo (D, presumably) are just screaming Russia to cover for China in this case:
https://www.wsj.com/articles/suspected-russian-hack-said-to-have-gone-undetected-for-months-11607974376
I eagerly await the evidence you have suggesting this is China, since evidently the highest levels of our own government think otherwise.
Hey CCP! You already have my finger prints and datas so you’ll recognize this digit! -throws a double, one-finger salute-
Sit and spin, you commie p**sies!
Low key, can we color rev the mainland so the Republic of China (read: Taiwan) can take’er over?
Lars says CCP are better than urunj man.
Gee, now that the Simple-Minded Socialist Sundowner has been installed (NOT elected), the CHICOMs will no longer have to hack anything. They’ll have unfettered access to whatever they wish.
They had an 8-yr run of gifts of technology so are well down that road already. At least then there was some effort made to hide the giveaway. Will there now be any effort to create “plausible deniability?” We shall soon see.
“They’ll have unfettered access to whatever they wish.”
And they won’t need any Hunters to find it for them…