
Hackers Are Having A Heyday Amid Election Chaos

It is likely now that Russian authorities knew before anyone else did that U.S. President Donald Trump would fire Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency, which was announced on Twitter.

For at least the past nine months, while the U.S. authorities were consumed with political spats and the pandemic, further complicated by various daily personnel changes within the agencies, a hacker group said to be linked to the Russian government reportedly breached an unknown number of businesses and state agencies, including the Office of the President of the United States.

According to media reports, Russian hackers got inside the server of a network management system called SolarWinds, whose client list includes all five branches of the U.S. military and the White House. The company's software is also used by the top U.S. telecommunications companies.

There are more than 300,000 clients on this list, including "more than 425 of the U.S. Fortune 500," as well as the U.S. Treasury and Commerce departments; however, the full scope of the breach still remains unclear.

SolarWinds said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy on them for almost nine months.

The White House confirmed that hackers had gained access to the two departments and monitored internal emails.

The U.S. Cybersecurity and Infrastructure Security Agency issued a rare emergency directive and instructed all federal civilian agencies to power down SolarWinds products immediately. 

The hackers also broke into FireEye, a top cybersecurity firm with government and commercial contracts, and stole hacking tools the firm uses to test clients’ computer defenses. 

As reported by Reuters, this cyber-espionage campaign dates back months and appears to be the work of the hacking group known as “Cozy Bear” or “APT29”. 

The group is thought to be linked to Russia’s foreign intelligence service, or the SVR RF, which collaborates with the country’s Federal Security Service (FSB).

In its own statement, the U.S. government did not name Russia or any other actor as being responsible. Yet, the Russian Embassy in the U.S. posted on its Facebook page that this is another “unfounded attempt of the U.S. media to blame Russia for hacker attacks on U.S. governmental bodies”.

Still, the Cozy Bear group is not a stranger to U.S. authorities. According to security firm CrowdStrike, Cozy Bear was involved in the hack on the Democratic National Committee (DNC) during the U.S. presidential election in 2016.

Some of its hackers were publicized by special counsel Robert Mueller following his 2018 investigation into Russian interference during the campaign.

With the start of the pandemic outbreak, many cybercriminals pledged not to attack health-care providers. But this “honor amongst thieves” never included state-sponsored cyberattacks, and clearly plenty of hackers failed to get the memo.

Since March, phishing attacks have jumped more than 600%, targeting businesses, individuals and various levels of governmental agencies.

In July, British, American, and Canadian intelligence agencies accused Cozy Bear hackers of using phishing emails to deceive researchers at universities, private companies, and elsewhere.

Separately, the researchers at Barracuda Networks tracked almost 10,0000 attempted phishing email cyberattacks linked to the coronavirus crisis since the beginning of March. The hackers have also targeted the US Department of Health, prompting an FBI warning that hackers had attempted to infiltrate medical facilities associated with COVID-19 vaccine research. 

In May, the Trump administration called out the Chinese and Iranian governments over alleged attempts to hack and steal information for developing a coronavirus vaccine.

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said that state-sponsored Chinese hackers were targeting US researchers, both state-run and private, in cyberattacks seeking information on vaccines for COVID-19. "China's efforts to target these sectors pose a significant threat to our nation's response to COVID-19," CISA and the FBI said.
