World

Hackers breach US agencies, Homeland Security a reported target

Growing list of federal departments hit include treasury and commerce departments, say US media

Updated 5 years ago · Published on 15 Dec 2020 7:00AM

Hackers breach US agencies, Homeland Security a reported target
The Washington Post has cited unnamed officials who say that the United States Department of Homeland Security – in charge of protecting the country from attacks both online and off – has been added to a growing list of targets in a major cyberattack. – AFP pic, December 15, 2020

NEW YORK – The United States Department of Homeland Security (DHS) was the third federal department to be targeted in a major cyberattack, US media reported yesterday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

The Washington Post cited unnamed officials who said that DHS – which is in charge of protecting the country from attacks both online and off – had been added to a growing list of targets in the attack, including the treasury and commerce departments.

A statement from DHS yesterday did not confirm the report, saying only that it was “aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response”.

The Cybersecurity and Infrastructure Security Agency (Cisa), which is attached to DHS, said on Sunday that it had ordered federal agencies to immediately stop using SolarWinds Orion IT products following reports that hackers had used a recent update to gain access to internal communications. 

“We urge all our partners – in the public and private sectors – to assess their exposure to this compromise and to secure their networks,” said Cisa acting director Brandon Wales.

SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June.

The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defenses had been breached by sophisticated attackers who stole tools used to test customers’ computer systems.

FireEye said it suspected the attack was state-sponsored, and warned it could have affected numerous high-profile targets across the globe.

“This campaign may have begun as early as Spring 2020 and is currently ongoing,” FireEye said in a blog post.

The content the hackers have sought to steal – and how successful they have been – is not known at this time. 

“We believe this is nation-state activity at significant scale, aimed at both the government and private sector,” said IT giant Microsoft, which is also investigating, in a blog post. 

While Microsoft refrained from naming a country, several US media pointed the finger at the Russian group “APT29”, also known as “Cozy Bear”.

According to the Washington Post, the group is part of Moscow’s intelligence services, and hacked servers at the State Department and the White House during the Obama administration.

The Russian embassy in the US categorically denied the accusations in a statement on Facebook.

Both the public and private sectors must be increasingly on guard against such hacks, warned Hank Schless, senior manager at Lookout, a California-based mobile security company. 

“Adversarial nation-states have recognised the value in targeting both sectors, which means neither is safe from the types of attacks that have government resources behind them,” he said.

Matt Walmsley of Vectra, which provides cyberattack detection services from its base in California, agreed.

“Security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where,” he said. – AFP, December 15, 2020

Related News

Malaysia / 2y

Does Malaysia’s blueprint to block cyberattacks have real byte?

Malaysia / 3y

[UPDATED] Hacker defaces Immigration website

Malaysia / 3y

[UPDATED] MySejahtera ‘Super Admin’ downloaded 3 mil users’ data to protect it: deputy minister

Business / 3y

Maybank says probing into ‘Pendakwah Teknologi’ data leak claim

Business / 3y

‘Cyberattacks on vital infrastructure sectors in Asean see alarming rise’

World / 3y

Belgium accuses China over ‘malicious cyber activities’

Spotlight

Opinion

When bullying turns violent, Malaysia must confront what is happening inside schools

By The Vibes Says

Malaysia

Malaysia-Thailand open historic border crossing to deepen trade, regional integration

By Ian McIntyre

Malaysia

Gerak Khas drama actress, Tisha Samsir denies drug involvement

Malaysia

Student stabbing: Teenage girl sent to Hospital Bahagia for psychiatric evaluation

Malaysia

Anwar wishes Tun M a happy 101st birthday

World

Israel shares intelligence with US over alleged Iranian plot to assassinate Trump

Malaysia

EPF members withdraw RM19.87 billion from Flexible Account as of May 31

Malaysia

Melaka: Student who was allegedly bullied chases schoolmate with box cutter

World

Fresh US-Iran strikes deepen Middle East crisis as ceasefire crumbles

You may be interested

World

Fresh US-Iran strikes deepen Middle East crisis as ceasefire crumbles

World

China flood death toll rises to 39 in Guangxi as rescue teams race against further typhoon threat

World

Israel shares intelligence with US over alleged Iranian plot to assassinate Trump

World

AI set to reshape nearly 80 million jobs across Southeast Asia without mass layoffs

World

Sri Lanka moves to ease prison overcrowding after deadly Negombo riot kills 28

World

Fujian shoe factory fire kills 28 as China orders full investigation into deadly blaze

World

Fresh US strikes on Iran deepen ceasefire crisis as Trump warns of escalation

World

Cargo plane wreckage found off Pakistan as search for 5 crew members continues