Official: Number of Victims of Russian Hack Likely to Grow

The number of federal agencies and private companies who learn that they have been affected by a massive Russian hack is expected to grow as the investigation into it continues, the U.S. government’s chief counterintelligence official said Tuesday.

The FBI and other agencies last week attributed the intrusions to Russia as part of what officials described as an intelligence-gathering operation rather than an effort to damage or disrupt U.S. government operations. U.S. officials said at the time that fewer than 10 federal agencies were believed to have been compromised “by follow-on activity on their systems.”

William Evanina, the director of the U.S. National Counterintelligence and Security Center, said in a live-stream Washington Post interview that he expected to see a “growth” in the number of victims.

Continuous Updates: Everything You Need to Know About the SolarWinds Attack

So far, the list of agencies known to have been affected includes the Treasury, Commerce and Justice departments, among others.

“I think this will expand accordingly as we identify” additional victims, Evanina said. “I think the hard part for the investigators is we don’t know what we don’t know, but I think this will continue to grow.”

The hacking campaign was extraordinary in scale, with the intruders having stalked through government agencies, defense contractors and telecommunications companies for months by the time it was discovered. Experts say that gave the foreign agents ample time to collect data that could be highly damaging to U.S. national security, though the scope of the breaches and exactly what information was sought is unknown.

An estimated 18,000 organizations were affected by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds.

On Monday, SolarWinds said its investigation found evidence the campaign began in September 2019, with the hackers injecting test code that month. The hackers’ patience was impressive. The malicious code that allowed backdoors to be surreptitiously opened on SolarWinds customers had been hidden in an upgrade by the end of February that was delivered to clients beginning the next month.

It would not be discovered for another nine months.

Related: New Zero-Day, Malware Indicate Second Group May Have Targeted SolarWinds

Related: Investigation Launched Into Role of JetBrains Product in SolarWinds Hack


Related: SolarWinds Taps Ex-CISA Chief Chris Krebs, Former Facebook CSO Alex Stamos

Previous Columns by Associated Press:

Source link

Latest articles

Siemens bringing low code company to China

The Mendix platform announced plans to expand its technology into the Chinese market. ...

The new Raspberry Pi Pico is an incredibly powerful little chip for just $4

The Pico is the first microcontroller board from Raspberry Pi and has been built around...

Amazon Awards $18,000 for Exploit Allowing Kindle E-Reader Takeover

Amazon has awarded an $18,000 bug bounty for an exploit chain that could have allowed an attacker to take complete control of a...

Here’s How SolarWinds Hackers Stayed Undetected for Long Enough

Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay...

Related articles

Leave a reply

Please enter your comment!
Please enter your name here