Security News
Nation-state hackers have breached the networks of the National Nuclear Security Administration and the US Department of Energy. NNSA is a semi-autonomous government agency responsible for maintaining and securing the US nuclear weapons stockpile.
Nation-state hackers have breached the networks of the National Nuclear Security Administration and the US Department of Energy. NNSA is a semi-autonomous government agency responsible for maintaining and securing the US nuclear weapons stockpile.
An advanced hacking group believed to be working for the Russian government has compromised the internal network of a think tank in the U.S. three times. Incident responders from cybersecurity company Volexity investigating the attacks between late 2019 and July 2020 named the threat actor Dark Halo, a versatile adversary capable to quickly switch to different tactics and techniques to carry out long-term, stealthy operations.
An advanced hacking group believed to be working for the Russian government has compromised the internal network of a think tank in the U.S. three times. Incident responders from cybersecurity company Volexity investigating the attacks between late 2019 and July 2020 named the threat actor Dark Halo, a versatile adversary capable to quickly switch to different tactics and techniques to carry out long-term, stealthy operations.
The US Cybersecurity and Infrastructure Security Agency said that the APT group behind the recent compromise campaign targeting US government agencies used more than one initial access vector. "CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated. CISA will update this Alert as new information becomes available," the agency said.
The US Cybersecurity and Infrastructure Security Agency said that the APT group behind the recent compromise campaign targeting US government agencies used more than one initial access vector. "CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated. CISA will update this Alert as new information becomes available," the agency said.
Police forces were found by IPCO to be treating applications to use spying powers as a tickbox exercise, perhaps unsurprisingly given that these are self-authorisations rubberstamped by police managers themselves. "To provide oversight that satisfies this judgment, IPCO reviewed the use of bulk data at GCHQ and has now incorporated the sharing of bulk data with foreign partners into its regular oversight and inspection arrangements," said IPCO in a statement.
The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence. The National Security Council has established a Cyber Unified Coordination Group following the SolarWinds breach to help the intelligence agencies better coordinate the US government's response efforts surrounding this ongoing espionage campaign.
The UK's Home Office has handed a £30m contract to engineering and IT outfit Leidos to help government agencies access and analyse communications data for combatting terrorism and organised crime. The Home Office's National Communications Data Service launched the Agile Data Retention and Disclosure Services last year with a prior information notice to the market.
Some of America's most deeply held secrets may have been stolen in a disciplined, monthslong operation being blamed on elite Russian government hackers. Thomas Rid, a Johns Hopkins cyberconflict expert, said the campaign's likely efficacy can be compared to Russia's three-year 1990s "Moonlight Maze" hacking of U.S. government targets, including NASA and the Pentagon.