Phần mềm hack facebook 2015

     

The AP.. reports that the suspected Russian hacking group breached high-màn chơi accounts in DHS, one of nine federal agencies the hackers targeted.

Bạn đang xem: Phần mềm hack facebook 2015



*

US intelligence agencies have sầu said Russia is responsible for a major hacking chiến dịch that struck federal agencies & prominent tech companies.

Angela Lang/web5s.com.vn

A sophisticated malware campaign attributed to lớn Russian intelligence breached the gmail accounts of government officials tasked with identifying foreign threats to US national security, according to an AP report Monday. Chad Wolf, appointed acting secretary of the US Department of Homelvà Security by President Donald Trump in December 2019, was reportedly ahy vọng the officials whose gmail accounts were hacked. Other DHS high-màn chơi DHS officials saw their accounts hacked, too.

It"s the lakiểm tra update on a hacking campaign that used tainted software from IT management company SolarWinds, as well as other hacking techniques, to lớn breach thousands of organizations and tunnel deeper into at least nine federal agencies & 100 private companies. The breached tin nhắn accounts indicate that not even the government agency in charge of defending the US from foreign hacking attacks was immune from the far-reaching hacking campaign, which lawmakers attributed in part lớn barriers to communication between private companies and the federal government during a Feb. 26 hearing of the House Oversight & Homelvà Securities committees.


Austin, Texas-based SolarWinds sells software that lets an organization see what"s happening on its computer networks. In the attack, hackers inserted malicious code into lớn an update of Orion, the company"s software platsize. Around 18,000 SolarWinds customers installed the tainted update onto their systems, the company said, and hackers chose a select number of them khổng lồ infiltrate further.

The hackers used the malware planted in SolarWinds" Orion products to breach about 60 percent of the victims. Investigators are still unraveling the other hacking techniques used, according to lớn testimony at a Feb. 23 Senate Intelligence Committee hearing. The hackers also used cloud hosting from Amazon Web Services khổng lồ disguise their intrusions as benign network traffic. 

Still unknown is whether the hackers carried out similar attacks on software vendors other than SolarWinds, creating more than one baông xã door for their victims khổng lồ unwittingly install on their own systems. Hackers also could have used more rudimentary approaches khổng lồ breach target systems, including phishing or guessing passwords for administrator accounts with high levels of access to company systems.

Microsoft President Brad Smith told senators in February that we may never know the exact number of attack vectors hackers used lớn access victims" systems. He went on khổng lồ say it would make sense to lớn create a requirement for companies khổng lồ bring breaches khổng lồ the attention of the federal government, which said it was investigating the breach as "significant and ongoing" in December.

More information is likely lớn emerge about the compromises và their aftermath. Here"s what you need khổng lồ know about the hacks: 

Which government agencies were affected by hacking campaign?

According khổng lồ reports from Reuters, The Washington Post and The Wall Street Journal, the update containing malware affected the US departments of Homel& Security, State, Commerce and Treasury, as well as the National Institutes of Health. Polititeo reported on Dec. 17 that nuclear programs run by the US Department of Energy và the National Nuclear Security Administration were also targeted. 

The APhường reported on March 29 that the hackers infiltrated gmail accounts belonging to lớn then-Acting Secretary Chad Wolf, as well as DHS officials in charge of identifying foreign threats khổng lồ national security. The agency didn"t respond to lớn a request lớn confirm the breach, but the AP reported that Wolf và other employees used new phones with encrypted messaging tiện ích Signal on them khổng lồ communicate in the aftermath of the haông chồng.

Reuters reported on Dec. 23 that CISA has added local và state governments to the danh sách of victims. According to CISA"s website, the agency is "tracking a significant cyber incident impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities & other private sector organizations."

It"s still unclear what information, if any, was stolen from government agencies, but the amount of access appears lớn be broad.

Though the Energy Department, the Commerce Department & the Treasury Department have acknowledged the hacks, there"s no official confirmation that other specific federal agencies have been hacked. However, the Cybersecurity & Infrastructure Security Agency put out an advisory urging federal agencies khổng lồ mitigate the malware, noting that it"s "currently being exploited by malicious actors." 

In a statement on Dec. 17, then-President-elect Joe Biden said his administration would "make dealing with this breach a top priority from the moment we take office." On Dec. 23, the Washington Post reported that the incoming Biden administration was preparing sanctions against Russia for its alleged actions, on the basis that the hacking chiến dịch went beyond typical espionage efforts because it was "indiscriminate" in who it hit with the tainted software update.

How did hackers sneak malware inlớn a software update?

Hackers managed to lớn access a system that SolarWinds uses to put together updates to its Orion sản phẩm, the company explained in a Dec. 14 filing with the SEC. From there, they inserted malicious code into otherwise legitimate software update. This is known as a supply chain attaông xã because it infects software as it"s under assembly.

It"s a big coup for hackers to lớn pull off a supply chain attack because it packages their malware inside a trusted piece of software. Hackers typically have to lớn exploit unpatched software vulnerabilities on their targets" systems lớn gain access, or triông chồng individual targets inlớn downloading malicious software with a phishing chiến dịch. With a supply chain attack, the hackers could rely on several government agencies & companies lớn install the Orion update at SolarWinds" prompting. 

The approach is especially powerful in this case because thousands of companies & government agencies around the world reportedly use the Orion software. With the release of the tainted software update, entities on SolarWinds" vast customer list became potential hacking targets.

Did hackers use the tainted SolarWinds update in every breach?

No. According to lớn government investigators, the hackers used other techniques lớn breach target systems in 30 percent of the breaches discovered. Brandon Wales, acting director of the Cybersecurity và Infrastructure Security Agency told The Wall Street Journal on Jan. 29 that hackers used a variety of creative sầu techniques to carry out the hacking chiến dịch.

"It is absolutely correct that this campaign should not be thought of as the SolarWinds campaign," he said.

This followed a Jan. 27 blog post from cybersecurity firm Malwarebytes saying the same hackers had penetrated the company"s systems, but not through the poisoned SolarWinds update. Instead, the hackers gained entry lớn Microsoft services running on Malwarebytes" systems by abusing third-buổi tiệc ngọt apps with privileged access to Office 365 và Azure products.

At the Senate Intelligence Committee hearing on Feb. 23, Microsoft President Brad Smith said it may never be known how many attaông chồng vectors the hackers used in the series of breaches. Additionally, hackers used Amazon Web Services cloud hosting to lớn run programs that communicated with & controlled the malicious code they installed on victimized systems.

Amazon didn"t sover a representative khổng lồ testify at the hearing. The company confirmed that the hackers used its infrastructure, and clarified that Amazon doesn"t use SolarWinds software products và wasn"t infected with the malware.

Xem thêm: Giới Thiệu Công Ty Tnhh Mỹ Phẩm Việt Hương Cosmetics, Công Ty Tnhh Mỹ Phẩm Việt Hương

What vì chưng we know about Russian involvement in the compromise of SolarWinds" systems?

US intelligence officials have publicly blamed the supply-chain attaông xã targeting SolarWinds" internal systems on Russia. The FBI và NSA joined the Cybersecurity and Infrastructure Security Agency and the Office of the Director of National Intelligence on Jan. 5 in saying the hachồng was "likely Russian in origin," but stopped short of naming a specific hacking group or Russian government agency as being responsible.

The joint intelligence statement followed remarks from then-Secretary or State Mike Pompeo in a Dec. 18 interview in which he attributed the hack khổng lồ Russia. Additionally, news outlets had cited government officials throughout the previous week who said a Russian hacking group is believed to be responsible for the malware chiến dịch. This countered speculation by then-President Donald Trump that Trung Quốc might be behind the attaông chồng.

SolarWinds and cybersecurity firms have attributed the haông xã khổng lồ "nation-state actors" but haven"t named a country directly.

In a Dec. 13 statement on Facebook, the Russian embassy in the US denied responsibility for the SolarWinds hacking chiến dịch. "Malicious activities in the information space contradict the principles of the Russian foreign policy, national interests và our understanding of interstate relations," the embassy said, adding, "Russia does not conduct offensive operations in the cyber domain."

Nicknamed APT29 or CozyBear, the hacking group pointed to by news reports has previously been blamed for targeting tin nhắn systems at the State Department và Nhà Trắng during the administration of President Barachồng Obama. It was also named by US intelligence agencies as one of the groups that infiltrated the email systems of the Democratic National Committee in 2015, but the leaking of those emails isn"t attributed to lớn CozyBear. (Another Russian agency was blamed for that.)

More recently, the US, UK & Canadomain authority have sầu identified the group as responsible for hacking efforts that tried lớn access information about COVID-19 vaccine research.

Why is the supply chain hachồng a big deal?

In addition lớn gaining access khổng lồ several government systems, the hackers turned a run-of-the-mill software update inkhổng lồ a weapon. That weapon was pointed at thousands of groups, not just the agencies và companies that the hackers focused on after they installed the tainted Orion update.

On Dec. 17, Microsoft"s Smith called this an "act of recklessness" in a wide-ranging blog post that explored the ramifications of the haông chồng. He didn"t directly attribute the haông xã to lớn Russia but described its previous alleged hacking campaigns as proof of an increasingly fraught cyber conflict.

"This is not just an attaông xã on specific targets," Smith said, "but on the trust and reliability of the world"s critical infrastructure in order lớn advance one nation"s intelligence agency." He went on lớn Gọi for international agreements to limit the creation of hacking tools that undermine global cybersecurity.

Former Facebook cybersecurity chief Alex Stamos said Dec. 18 on Twitter that the haông chồng could lead to supply chain attacks becoming more common. However, he questioned whether the hachồng was anything out of the ordinary for a well-resourced intelligence agency.

"So far, all of the activity that has been publicly discussed has fallen into lớn the boundaries of what the US does regularly," Stamos tweeted.

Which private companies were hit with the malware?

Microsoft and FireEye, a cybersecurity firm, were both breached khổng lồ differing levels. FireEye confirmed Dec. 13 that it was infected with the malware & was seeing the infection in customer systems as well. Microsoft confirmed on Dec. 17 that it found indicators of the malware in its systems, after confirming several days earlier that the breach was affecting its customers. 

Microsoft said the hackers didn"t access any of its own critical systems. Microsoft President Smith said in February that the company has notified 60 of its business customers they had been targeted in the SolarWinds hacking campaign. A Reuters report also said that Microsoft"s own systems were used khổng lồ further the hacking campaign, but Microsoft denied this clayên ổn khổng lồ news agencies. 

The company has taken on a prominent role in fighting the reach of the malware. On Dec. 16, for example, the company began quarantining the versions of Orion known to lớn contain the malware, in order to cut hackers off from its customers" systems.

On Dec. 21, The Wall Street Journal said it had uncovered at least 24 companies that had installed the malicious software. These include tech companies Cisteo, Hãng Intel, Nvidia, VMware và Belkin, according khổng lồ the Journal. The hackers also reportedly had access to lớn the California Department of State Hospitals and Kent State University.

It"s unclear which of SolarWinds" other private sector customers saw malware infections. The company"s customer danh mục includes large corporations, such as AT&T, Procter & Gamble & McDonald"s. The company also counts governments and private companies around the world as customers. FireEye says many of those customers were infected.

Is this the only hacking campaign exploiting SolarWinds software?

SolarWinds has also come under scrutiny for vulnerabilities in its software. These are coding errors và aren"t the result of attackers entering SolarWinds systems to lớn implant malware. Instead, hackers must access victim systems and then exploit the flaws in Orion software running there.

In December, security researchers said forensic investigations of Orion software on systems affected by the tainted update also showed signs that a completely distinct group of attackers was also targeting organizations through Orion. On Feb. 2, Reuters reported that government officials believe sầu a group of suspected Chinese hackers had hacked federal government agencies using a software flaw in Orion. A spokesman for the US Department of Agriculture"s National Finance Center disputed Reuters" report that hackers had breached its systems.

Xem thêm: Ngành Ngân Hàng: Ngân Hàng Việt Ở Đâu Trên Bản Đồ Châu Á, Kênh Thông Tin Kinh Tế

On Feb. 3, researchers from cybersecurity firm Trustwave released information on three vulnerabilities in SolarWinds" software products. The bugs have been patched, & there"s no indication they were used in any hacking attacks.

Correction, Dec. 23: This story has been updated to lớn clarify that SolarWinds makes IT management software. An earlier version of the story misstated the purpose of its products.


Chuyên mục: Marketing online