Santa Monica Observer - Community, Diversity, Sustainability and other Overused Words

By Samuel Alioto
Observer Staff Writer 

APT Hack Was "An 11 on a 1-10 Scale, a Nagasaki/Hiroshima Type Event," says Cyber Security Expert

"We have never seen something of this scale, sophistication, or outright scariness. And Russia's handwriting is all over it."

 

December 25, 2020

Putin in front of a computer. There is an assumption that the Russians were behind last month's hack.

December's hack of Federal and other government agencies by, was a major event and Americans should be alarmed by its depth and scale.

"We're talking about compromises in every major area that one could be alarmed about," said the career cyber security expert, who asked not to be named. "Including nuclear, defense, utilities, financial, etc. Both public and private," he said.

"We have never seen something of this scale, sophistication, or outright scariness," he added. He's sure that it's Russia's Cozy Bear hacking group behind the attack, though he would not articulate why.

Russian computer hackers.

"The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations." says the US Government.

The attacks involve a software product called SolarWinds. The Homeland Security Administration recommends disconnecting the software. "SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems. Disconnecting affected devices, as described below in Required Action 2, is the only known mitigation measure currently available," said the government in a press release

 

Reader Comments(0)

 
 

Powered by ROAR Online Publication Software from Lions Light Corporation
© Copyright 2021

Rendered 09/19/2021 00:53