Security News
A US Air Force intelligence officer who kidnapped her daughter to Mexico and attempted to defect to Russia with top-secret information is set to spend the better part of a decade behind bars. According to court documents [PDF] her unusual story started in July 2019, when she fled her Hedgesville home and flew to Mexico City where she contacted the Russian embassy, offering classified documents that she had removed from secure locations over the past 20 years.
A US Air Force intelligence officer who kidnapped her daughter to Mexico and attempted to defect to Russia with top-secret information is set to spend the better part of a decade behind bars. According to court documents [PDF] her unusual story started in July 2019, when she fled her Hedgesville home and flew to Mexico City where she contacted the Russian embassy, offering classified documents that she had removed from secure locations over the past 20 years.
Obscure software packages can have hidden vulnerabilities that affect the security of these networks, and sometimes the entire Internet. Any system for acquiring software needs to evaluate the security of the software and the security practices of the company, in detail, to ensure they are sufficient to meet the security needs of the network they're being installed in.
The United States has pinned the blame on Russia for a devastating cyberattack campaign that has hit government agencies and corporations across the country. In a joint statement, the agencies said that the work "Indicates that an Advanced Persistent Threat actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks." Further, the group said it believes the incident was designed as an intelligence gathering effort, which means a surveillance operation aimed at finding confidential and sensitive information.
The U.S. government has identified Russia as the "Likely" culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which the feds characterized as ongoing.
The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. The FBI, CISA, ODNI, and NSA are members of the Cyber Unified Coordination Group, a newly-formed task force put in place by the White House National Security Council to investigate and lead the response efforts to remediate the SolarWinds breach.
It's an increasingly common way to attack networks. Once inside a network, SVR hackers followed a standard playbook: establish persistent access that will remain even if the initial vulnerability is fixed; move laterally around the network by compromising additional systems and accounts; and then exfiltrate data.
United States secretary of state Mike Pompeo has laid the blame for the SolarWinds hack on Russia, but his boss begs to differ. The Associated Press reports that the White House was set to issue a Friday afternoon statement describing Russia as "The main actor" behind the incident, but that staff were told to stand down instead. At the time of writing the State Department, National Security Agency, White House, Cybersecurity and Infrastructure Security Agency, and president Trump all appear not to have attempted to reconcile the administration's conflicting view on the incident.
Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China - not Russia - may be behind the cyberattack against the United States and tried to minimized its impact. Officials at the White House had been prepared to put out a statement Friday afternoon that accused Russia of being "The main actor" in the hack, but were told at the last minute to stand down, according to one U.S. official familiar with the conversations who spoke on condition of anonymity to discuss private deliberations.
Russia was "Pretty clearly" behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said. "There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems," Pompeo told The Mark Levin Show on Friday.