APT Hack Was "An 11 on a 1-10 Scale, a Nagasaki/Hiroshima Type Event," says Cyber Security Expert
"We have never seen something of this scale, sophistication, or outright scariness. And Russia's handwriting is all over it."
December 25, 2020
December's hack of Federal and other government agencies by, was a major event and Americans should be alarmed by its depth and scale.
"We're talking about compromises in every major area that one could be alarmed about," said the career cyber security expert, who asked not to be named. "Including nuclear, defense, utilities, financial, etc. Both public and private," he said.
"We have never seen something of this scale, sophistication, or outright scariness," he added. He's sure that it's Russia's Cozy Bear hacking group behind the attack, though he would not articulate why.
"The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations," says the US Government.
The attacks involve a software product called SolarWinds. The Homeland Security Administration recommends disconnecting the software. "SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems. Disconnecting affected devices, as described below in Required Action 2, is the only known mitigation measure currently available," said the government in a press release.