US security agencies have said that Russia was likely behind a massive cyber espionage campaign uncovered at the end of last year, contradicting earlier statements from President Donald Trump, who downplayed the possibility of Moscow’s involvement.
In a joint statement on Tuesday, the FBI, the National Security Agency, the Cybersecurity and Infrastructure Security Agency and the Office of the Director of National Intelligence described the motivation for the attacks as “an intelligence gathering effort”, rather than for the purpose of data manipulation or other more destructive efforts.
“This is a serious compromise that will require a sustained and dedicated effort to remediate,” they said, adding that the perpetrators were “likely Russian in origin”.
The hackers gained access to systems by hijacking software in March from SolarWinds, a Texas-based IT company, which has said that some 18,000 of its government and private sector clients globally may have been exposed.
The agencies said on Tuesday that “a much smaller number have been compromised by follow-on activity on their systems”. It identified “fewer than 10” US federal agencies falling into this category, and said it was “working to identify and notify the nongovernment entities who also may be impacted”.
So far, only the US commerce, energy and Treasury departments have acknowledged publicly that they were breached, together with a handful of companies, including Microsoft and FireEye.
The NSA has said previously that the hackers in some instances posed as legitimate employees to move around undetected and tap sensitive information stored in the cloud.
The latest statement marks the first official attribution of the hack to a nation state, although the intelligence community and several politicians have said that the attack bears the hallmarks of the SVR, Russia’s foreign intelligence service.
However, Mr Trump has previously claimed that the hack was being overhyped “in the fake news media”, adding in a tweet: “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”
Russia has denied any involvement.
The agencies described the hack as “ongoing”, as investigators try to identify victims and eject the hackers from their systems once detected, which experts say could take months if not years.
“We are taking all necessary steps to understand the full scope of this campaign and respond accordingly,” the agencies said.
https://news.google.com/__i/rss/rd/articles/CBMiP2h0dHBzOi8vd3d3LmZ0LmNvbS9jb250ZW50L2U2MTMyNWRhLWEwYWUtNDdmZS05OWJmLWIxMGY2MWIyNjU4ZtIBP2h0dHBzOi8vYW1wLmZ0LmNvbS9jb250ZW50L2U2MTMyNWRhLWEwYWUtNDdmZS05OWJmLWIxMGY2MWIyNjU4Zg?oc=5
2021-01-05 22:22:00Z
52781287704432
Tidak ada komentar:
Posting Komentar