Friday, December 18, 2020

Intelligent Experts: U.S. Hit By 'Digital Pearl Harbor'


Intel Experts Claim the US Was Hit By a “DIGITAL PEARL HARBOR”




On December 7, 1941, Japanese forces hit the US base at Pearl Harbor in a surprise attack just before 8 AM. The Japanese managed to destroy or damage nearly 20 American naval vessels, including eight battleships, and over 300 airplanes. More than 2,400 Americans died in the attack.

Today intel experts are comparing the latest intelligence breach on the US government to a “Digital Pearl Harbor.”



Hackers have allegedly gained access to the network of the agency which maintains the NUCLEAR STOCKPILE. DIGITAL. PEARL. HARBOR.
The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation politi.co/2WsGoIq


There is now a call for Executive Order 13848 – a report is due to the President today:







The National Nuclear Security Administration (NNSA), the U.S. agency that manages the nation’s stockpile of nuclear weapons, is the latest in federal agencies hacked, according to a new report on Thursday.

Officials close to the matter told Politico that the NNSA has evidence of hackers gaining access to the agency’s networks in a mass spy operation that also hacked various other U.S. agencies. The officials don’t yet know what information hackers have been able to access or steal – and it may take weeks to find out.

In addition to evidence of hacking in the NNSA’s networks, officials also identified suspicious network activity in the networks of the Energy Department, the Federal Energy Regulatory Commission (FERC), and the Sandia and Los Alamos national laboratories.

NNSA manages the nation’s nuclear weapons, while the Sandia and Los Alamos labs perform research on nuclear weapons and nuclear power.

The latest agencies are believed to have been accessed via software provided by SolarWinds, which estimates that up to 18,000 of its users – government and private clients alike – could’ve been hacked. Other users of SolarWinds software include the Department of Defense, the State Department, and others.

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and Office of the Director of National Intelligence (ODNI) released a joint statement on Wednesday confirming a “significant and ongoing cybersecurity campaign,” and describing it as a compromise that “has affected networks within the federal government.”





The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.  

“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation.”  

This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.  





Marisa Herman 


A foreign hack of the U.S. government is even bigger than originally thought, according to the Cybersecurity and Infrastructure Security Agency.

The Washington Examiner reports the agency shared that the cyber hackers gained secretive backdoor access in more ways than just through the publicly known SolarWinds software update being corrupted.

“One of the initial access vectors for this activity is a supply chain compromise of the following SolarWinds Orion products. CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” CISA wrote on Thursday, noting that “the SolarWinds Orion supply chain compromise is not the only initial infection vector this advanced persistent threat actor leveraged.”

It also warned that “this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”

CISA said that the foreign hackers compromised “U.S. government agencies, critical infrastructure entities, and private sector organizations” beginning “at least” in March and that the cyber actors “demonstrated patience, operational security, and complex tradecraft in these intrusions.”

The federal security agency added that it “expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations” and that “it is likely that the adversary has additional initial access vectors and tactics, techniques, and procedures that have not yet been discovered.”





BBC

The US energy department is the latest agency to confirm it has been breached in what is being described as the worst-ever hack on the US government.

The department is responsible for managing US nuclear weapons, but said the arsenal's security had not been compromised.

Tech giant Microsoft also said on Thursday that it had found malicious software in its systems.

Many suspect the Russian government is responsible. It has denied any role.

The US treasury and commerce departments are among the other targets of the sophisticated, months-long breach, which was first acknowledged by officials on Sunday.





Kane



Dominion Voting used the same system, SolarWinds, that Russian hackers may have tapped to snake their way into Treasury accounts. “There is concern within the U.S. intelligence community that the hackers who targeted Treasury and the Commerce Department’s National Telecommunications and Information Administration used a similar tool to break into other government agencies, according to four people briefed on the matter.

 

“The people did not say which other agencies, but late Sunday Austin, Texas-based IT company SolarWinds said software updates it released in March and June of this year may have been surreptitiously tampered with in a ‘highly-sophisticated, targeted and manual supply chain attack by a nation state.’”




