Washington – Leading tech companies on Tuesday, a month-long breach of corporate and government networks is so sophisticated, intensive and labor-intensive that the country needs to be behind it and all evidence is Russia Said to show.
At the first parliamentary hearing on the breach, representatives of the technology companies involved in the response described near-breathtaking accuracy, ambition, and range hacking. The perpetrator secretly scooped up certain emails and documents on the target list from the United States and other countries.
“I’ve never seen this kind of sophistication comparable to this kind of scale,” Microsoft President Brad Smith told the Senate Intelligence Committee.
Forensic investigators have at least 1,000 advanced skills to develop code that hijacks widely used network software from Texas-based SolarWinds to spread malware worldwide through security updates. I presume that an engineer is needed.
“We’ve seen substantive evidence pointing to Russian foreign intelligence, but we haven’t found any other evidence to guide us,” Smith said.
US national security officials also said Russia was likely the cause of the breach, and President Joe Biden’s administration is considering punitive measures against Russia for hacking and other activities. Moscow has denied liability for the breach.
Officials said Hacking’s motive, discovered by private security company FireEye in December, seems to be information gathering. They aren’t saying anything.
At least nine government agencies and 100 private companies have been compromised, but it is not clear what was taken.
White House spokesman Jen Psaki said Tuesday that it would be “weeks, not months” for the United States to respond to Russia.
“We urged the intelligence community to do more work to clarify the attribution made by the previous administration regarding how the hack occurred, the extent of the damage, the extent and scale of the intrusion,” Pusaki said. Mr. says. “And we are still doing that.”
FireEye CEO Kevin Mandia told the Senate that nearly 100 people in his company have been working to investigate and contain the breach since almost accidentally detecting the breach and warning the U.S. government in December. It was.
The hacker first quietly installed the malicious code on the targeted network in October 2019, but did not activate it to see if it could remain undetected. As soon as they returned to March, they began stealing login credentials for people who were granted access to the network, and were able to obtain a “private key” that they could move around freely, Mandia said.
“They disappeared like ghosts,” he said.
“There is no doubt that this was planned. The question is where is next and when to find it,” said a security executive.
Violated government agencies include the Treasury, the Justice Department, and the Commerce Department, but the complete list is not publicly available. Microsoft’s president, working with FireEye, said there were casualties around the world, including Canada, Mexico, Spain and the United Arab Emirates.
A panel with the participation of SolarWinds CEO Sudhakar Ramakrishna, who took over the company after the hack, and George Kurtz, president and CEO of another major security company CrowdStrike, wasn’t just about how the breach occurred. , I also faced a question. Whether hacking victims should be legally enforced when they are violated. Even now, three months after the breach was revealed, the identities of most victims remain unknown.
Congress has considered in the past whether to require businesses to report that they are victims of hacking, but raises legal concerns, such as whether clients could be held liable for data loss. Caused.
U.S. authorities are also considering empowering cybersecurity and infrastructure agencies or other agencies with additional resources and powers to play a stronger role in working to prevent future breaches. I will.
Another measure under consideration is to establish a new agency such as the National Transportation Safety Board. This agency can quickly break in, evaluate violations, and determine if there are any issues that need to be fixed.
Senator Ron Weiden, one of the most prominent voices on the Senate’s cyber issues, warned that the United States must first ensure that the government agencies that violated the case have taken the necessary security measures. ..
“The impression that Americans may get from this hearing is that hackers were very formidable enemies and there was nothing the U.S. government or our biggest tech company could do to protect them. “Weiden, the Democratic Party of Oregon, said. “In my view, the message leads to billions of taxpayer funds for privacy-violating laws and cybersecurity.”
Contributed by Associated Press writer Alan Suderman in Richmond, Virginia.
Copyright 2021 AP communication. all rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
High-tech companies say there is little doubt that Russia is behind a major hack
Source link High-tech companies say there is little doubt that Russia is behind a major hack