Security News

Hackers broke into systems used by top US Treasury officials during a massive cyberattack on government agencies and may have stolen essential encryption keys, a senior lawmaker said Monday. Senator Ron Wyden, who sits on both the Senate Intelligence and Finance Committees, said after a closed-door briefing that the hack at the US Treasury Department "Appears to be significant."

While analyzing artifacts from the SolarWinds Orion supply-chain attack, security researchers discovered another backdoor that is likely from a second threat actor. The analysis shows that the threat actor added in the legitimate SolarWinds file four new parameters to receive signals from the command and control infrastructure.

Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China - not Russia - may be behind the cyberattack against the United States and tried to minimized its impact. Officials at the White House had been prepared to put out a statement Friday afternoon that accused Russia of being "The main actor" in the hack, but were told at the last minute to stand down, according to one U.S. official familiar with the conversations who spoke on condition of anonymity to discuss private deliberations.

NATO said Saturday it was checking its computer systems after a massive cyberattack on US government agencies and others that Washington blamed on Moscow. "At this time, no evidence of compromise has been found on any NATO networks. Our experts continue to assess the situation, with a view to identifying and mitigating any potential risks to our networks," a NATO official told AFP. Microsoft said Thursday its anti-virus software detected intrusions in dozens of networked systems, most of them in the United States, via software supplied by US tech company SolarWinds.

Russia was "Pretty clearly" behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said. "There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems," Pompeo told The Mark Levin Show on Friday.

Since the SolarWinds supply chain attack was disclosed in December, there has been a whirlwind of news, technical details, and analysis released about the hack. The information is distilled into a format that will hopefully explain the attack, who its victims are, and what we know to this point.

State-sponsored hackers who exploited a security hole in a SolarWinds monitoring tool to infiltrate government and business networks have apparently left a long line of victims in their wake. Asserting that this threat "Poses a grave risk" to the federal, state, and local governments as well as to critical infrastructure providers and the private sector, CISA sees the removal of the attackers from compromised networks as a highly complex and challenging endeavor.

Cyberattack recovery frameworks are a necessary part of cybersecurity. Rolfe developed the model to help the medical field, but it can work equally well as a way to recover from a cybersecurity incident.

The Energy Department and its National Nuclear Security Administration, which is the agency that maintains the U.S. nuclear stockpile, have been compromised as part of the widespread cyberattack uncovered this week stemming from the massive SolarWinds hack. An exclusive report by Politico cited DoE official sources who said that their department was infiltrated by the cyberattackers, including hits on the NNSA; the Federal Energy Regulatory Commission which has oversight for the entire department; the Sandia and Los Alamos national laboratories in Washington and New Mexico; and the Richland Field Office of the DoE. The DoE confirmed its compromise on Friday.

INDEPENDENCE, Mo. - A ransomware attack on the city of Independence's computer systems has left some residents unable to pay their utility bills. The cyberattack occurred last week, officials in the Kansas City suburb told KSHB. City Manager Zach Walker said that 90% of the billing issues plaguing the city trace back to the cyberattack, which has left customers unable to pay their utility bills online and has caused a delay in bills being delivered by mail.