White House slaps sanctions on Russian cyber activities while blaming SVR for SolarWinds campaign

The Biden administration on Thursday imposed sweeping sanctions on Russian intelligence operatives for their alleged interference in the 2020 U.S. election, and on Russian companies for allegedly supporting Moscow’s extensive cyber-espionage operations. The Treasury Department sanctioned 32 organizations and individuals for their alleged influence operations aimed at the U.S. election. The White House said it was part of an effort to “disrupt the coordinated efforts of Russian officials, proxies, and intelligence agencies to delegitimize our electoral process.” As part of the crackdown, Treasury sanctioned six Russian tech firms for allegedly providing support to Russian intelligence services’ hacking operations by developing malicious software or setting up IT infrastructure. U.S. officials also made official what had long been rumored: They believe with “high confidence” that Russia’s foreign intelligence agency, the SVR, carried out the hacking campaign that has exploited software made by contractor SolarWinds and other vendors to infiltrate nine U.S. agencies […]

The post White House slaps sanctions on Russian cyber activities while blaming SVR for SolarWinds campaign appeared first on CyberScoop.


NSA, FBI, DHS expose Russian intelligence hacking tradecraft

The U.S. government warned the private sector Thursday that Russian government hackers working for Russia’s Foreign Intelligence Service (SVR) are actively exploiting five known vulnerabilities to target U.S. companies and the defense industrial base. The National Security Agency, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) urged system administrators to patch immediately against the vulnerabilities the hackers, also known as APT29 or Cozy Bear, are exploiting. Specifically, the SVR hackers are actively exploiting vulnerabilities in Fortinet FortiGate VPN, Synacor Zimbra Collaboration Suite, Pulse Secure Pulse Connect Secure VPN, Citrix Application Delivery Controller and Gateway and VMware Workspace ONE Access to gain initial footholds into networks, the government said in its alert. The hackers have been using these initial footholds to collect victims’ authentication credentials to burrow further into networks. The announcement coincides with the U.S. intelligence community’s formal attribution of the supply chain hack […]

The post NSA, FBI, DHS expose Russian intelligence hacking tradecraft appeared first on CyberScoop.


Russian man pleads guilty to Tesla hacking plot

A 27-year-old Russian has pleaded guilty to working to recruit a Tesla employee to hack the Nevada-based company last year. The man, Egor Igorevich Kriuchkov, last year tried to convince the unnamed employee to launch malware against the company’s computer network, allowing Kriuchkov and co-conspirators to steal data, according to court documents and admissions in court, the Department of Justice announced. The plan was that Kriuchkov and his co-conspirators would then conduct a distributed denial-of-service attack against Tesla in order to distract the company from the malware, and then extort the company with threats to disclose the purloined information, according to court documents. Kriuchkov allegedly traveled between Russia, California and Nevada on multiple occasions last year to try to convince the employee to help with the scheme, promising the employee bitcoin as payment. Kriuchkov also provided the employee, who is not named in court documents, a phone and taught them […]

The post Russian man pleads guilty to Tesla hacking plot appeared first on CyberScoop.


Twitter Removes Russian Disinformation Accounts

On Feb. 23, 2021 Twitter booted a gaggle of accounts from its platform, including those determined to be associated with the Russian government and the well-known disinformation machine Internet Research Agency (IRA). Twitter regularly culls users; th…

Symantec connects another hacking tool to SolarWinds breach

Private sector analysts uncovered new hacking tools thought to be used in a suspected Russian spying operation in the latest example of how, as the investigation into the SolarWinds breach continues, the plot only thickens. Security firm Symantec on Tuesday said it had found previously undocumented malicious code that the attackers used to move through victim networks and then transmit additional malware onto specific computers. The attackers installed the malicious code, dubbed Raindrop, on a handful of carefully chosen computers in an effort to spy on them, according to the latest findings. The discovery underscores the range of tools the accused hackers had at their disposal — some to gain access to computer networks, others to sift through data — in a historic campaign that has infiltrated multiple U.S. federal agencies and consumed investigators at top security firms. U.S. federal investigators have said the hacking campaign is “likely Russian in origin.” Moscow […]

The post Symantec connects another hacking tool to SolarWinds breach appeared first on CyberScoop.


FBI aims for stronger cyber strategy as US grapples with SolarWinds fallout

While dealing with a massive cyber-espionage campaign against the U.S. government, the FBI is trying to quietly implement a new strategy aimed at better tracking foreign hackers. FBI officials last spring gave the head of the National Cyber Investigative Joint Task Force (NCIJTF) — a group of intelligence, law enforcement and defense officials who track hacking threats — a more senior role within the bureau, according to Tonya Ugoretz, deputy assistant director in the FBI’s cyber division. The result is that a senior FBI official now leads an interagency group whose work could lead to offensive cyber-operations, sanctions or State Department démarches — or all three. Herb Stapleton, the former head of the FBI’s Cyber Crime Operations, is filling that role. The goal of the strategy, which the FBI unveiled in September, is to disrupt foreign cyber operations against U.S. assets by “changing the risk calculus” of adversaries, as […]

The post FBI aims for stronger cyber strategy as US grapples with SolarWinds fallout appeared first on CyberScoop.


SolarWinds details stealthy code used to launch hacking campaign

SolarWinds, the federal contractor at the center of a sweeping suspected Russian hacking campaign, on Monday identified malicious code the company says attackers used to manipulate its software and remain undetected for months. The code was designed to inject another piece of custom malicious software into Orion, the SolarWinds software used by numerous Fortune 500 companies and federal agencies, “without arousing the suspicion of our software development and build teams,” Sudhakar Ramakrishna, the new CEO of SolarWinds, wrote in a blog post. The discovery adds to the public understanding of one of the most complex digital espionage operations in recent memory. The attackers have used not only SolarWinds’ software, but other digital entry points in carrying out the hack, which has affected major firms including Microsoft and FireEye, as well as multiple federal agencies. Security firm CrowdStrike, which helped find the new malicious code, said the code monitors software processes […]

The post SolarWinds details stealthy code used to launch hacking campaign appeared first on CyberScoop.


More federal victims of SolarWinds hacking likely to come forward, CISA chief says

The number of federal agencies confirmed to have been breached in a suspected Russian espionage campaign will likely increase as the investigation continues, the head of the U.S. Cybersecurity and Infrastructure Security Agency said. “The number [of federal victims] is likely to grow with further investigation,” Brandon Wales, CISA’s acting director, said in an interview Friday. “That being said, we do believe that the number will remain extremely small because of the highly targeted nature of this campaign. And that is going to be true for both government and private-sector entities compromised.” Wales is a career civil servant who found himself at the helm of the Department of Homeland Security’s cybersecurity agency in mid-November after President Donald Trump fired Chris Krebs. Wales has been quarterbacking CISA’s response to a sweeping breach of federal and corporate networks, in which suspected Russian hackers exploited the reach of software made by the contractor […]

The post More federal victims of SolarWinds hacking likely to come forward, CISA chief says appeared first on CyberScoop.


SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack

Software provider SolarWinds, which was breached in a suspected Russian hacking campaign against U.S. companies and federal agencies, has hired former senior U.S. cybersecurity official Chris Krebs and former Facebook security chief Alex Stamos to help respond to the hack and improve its security practices. Krebs and Stamos will work as consultants for Texas-based SolarWinds as it continues to deal with the fallout of a hacking operation that has roiled Washington and is considered one of the more significant cyber-espionage campaigns against U.S. agencies in years. “Armed with what we have learned of this attack, we are also reflecting on our own security practices and seeking opportunities to enhance our posture and policies,” SolarWinds said in a statement. “We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software […]

The post SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack appeared first on CyberScoop.


Sen. Warner accuses White House of weakening statement attributing SolarWinds hack to Russia

An influential Senate Democrat who will soon chair the intelligence committee on Thursday accused the White House of “water[ing] down” the U.S. government’s public statement linking a hacking campaign to Russia, and suggested more high-profile corporations had been breached. “We know who it was,” Sen. Mark Warner, D-Va., said in reference to the espionage campaign in which attackers leveraged the software built by federal contractor SolarWinds to compromise multiple federal agencies. “And this White House has again water-downed the attribution statements that should have been made in one more outrageous effort to constantly underestimate and underreport on Russian activity.” He spoke at an event held by the Aspen Institute. U.S. intelligence and national security agencies on Tuesday said the hacking campaign was “likely Russian in origin,” calling it “a serious compromise that will require a sustained and dedicated effort to remediate.” A person familiar with internal U.S. government deliberations on […]

The post Sen. Warner accuses White House of weakening statement attributing SolarWinds hack to Russia appeared first on CyberScoop.
