Russian Hack Used Servers Inside US, Cybersecurity Company Says

All News All News Except Press Releases Fintech Imported

The recently discovered cyber attack on federal government agencies and companies handling data as sensitive as information regarding new nuclear weapons was run from servers within the United States, The New York Times reports.

The intruders’ use of servers within the country made the attack especially potent because of laws that prevent the government’s main cybersecurity operations — especially the National Security Agency — from spying on domestic targets, the Times noted.

Sources told the Times the matter may have been exacerbated by the focus U.S. cyber-defense officials had to put on protecting against Russian interference in the November 2020 elections.

So far, according to the Times, known targets include: the Treasury Department, the State Department, the Commerce Department and the Energy Department. Among the Energy Department’s main jobs is overseeing the many aspects of the country’s nuclear weapons program.

The Times also disclosed that the company whose systems were hijacked for the recent attack, SolarWinds, in recent years had moved much of its software engineering to Eastern European countries where Russia’s security services are powerful.

Sources told the Times it could be months or years before the full extent of the recent Russian attack is clear.

Much of the new information that has emerged about the attack came through work of the cybersecurity firm FireEye, according to the Times. FireEye itself reported in early December that its anti-hacker tools had been compromised by a “highly sophisticated” hacker.

The Times quoted Democratic U.S. Sen. Mark Warner of Virginia as having said, “This is looking much, much worse than I first feared. The size of it keeps expanding. It’s clear the United States government missed it … and if FireEye had not come forward, I’m not sure we would be fully aware of it to this day.”

The recent episode has led to the deep conservation within the ranks of corporate security officials around the country.

Around 250 organizations are known to have been infiltrated, according to the Times.

 

Source: PYMNTS

Facebook Comments