![]() Your CNN account Log in to your CNN account “Every organization company should be concerned because they must assume their networks are breached and the adversary is monitoring and observing their actions,” Kiersten Todt, a former cybersecurity official in the Obama administration and managing director of the Cyber Readiness Institute, told CNN Business. Microsoft is working to notify the organizations affected, its president, Brad Smith, said in the post. Microsoft disclosed in a blog post Thursday that more than 40 of its customers across eight countries were running the software impacted by the hack, with 80% of them in the United States. “Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.” “Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed,” a Microsoft spokesperson said in a statement, adding that the company had not found evidence that its services or customer data were accessed. Microsoft also acknowledged that it was impacted by the hack. “We continue to investigate all aspects of this evolving situation with the highest priority.” “At this time, there is no known impact to Cisco offers or products,” the spokesperson said. At least two say they have been affected to some degree.Ī Cisco spokesperson told CNN Business on Friday that it had “identified and mitigated affected software in a small number of lab environments and a limited number of employee endpoints.” A number of these firms told CNN Business that they are currently conducting investigations. The firms listed on the page included big names such as Cisco Why the US government hack is literally keeping security experts awake at night (AP Photo/Charles Dharapak, File) Charles Dharapak/AP/FILE In the hearing, both tech company officials and lawmakers said the breadth of the SolarWinds hack showed there needs to be a mandatory reporting system for companies discovering they have been penetrated by hackers.FILE - This Mafile photo shows the Pentagon in Washington. “We understand the gravity of the situation,” he said. ![]() Sudhakar Ramakrishna, the chief executive of SolarWinds, said that after months the company still has not found how the hackers managed to implant malware in the middle of the software supply chain – at the point when completed code is being tailored to downstream users’ configurations. He said it took thousands of hours for his staff to discover the bug, and only after tearing apart and decompiling thousands of files on a SolarWinds server. “This was not the first place you look, this was the last place you look for an insertion,” he said. In the Senate hearing, FireEye chief executive Kevin Mandia described the hack as the culmination of a “multi-decade” effort by the attackers. ![]() “This isn’t the only case of malicious cyber activity of likely Russian origin, either for us or for our allies and partners,” she said. The previous week Anne Neuberger, the senior White House cybersecurity advisor, said her team was looking “holistically” at retaliation. The Washington Post reported Tuesday that the Biden administration was studying options to punish Moscow for the hack and for other “malign” activity. The hack was discovered by computer security firm FireEye in December after it had sat on computers around the world.Īmong US government agencies penetrated were the National Security Agency, the State Department, Commerce Department, and the Treasury. And that is what we’re grappling with here,” he said. The SolarWinds incident was different, he said: it was like a burglar who “manages to turn off the alarm system for every home and every building in the entire city.” Smith compared previous hacks from Russian- and other government-backed groups to a burglar breaking into a single apartment. We haven’t seen this kind of sophistication matched with this kind of scale,” he said. And the answer we came to was… at least 1,000 very skilled, capable engineers. “We asked ourselves how many engineers do we believe had worked on this collective effort. Microsoft, one of more than 100 companies attacked and 18,000 left vulnerable by the hack, analyzed the work it took to insert malware into widely used security software created by SolarWinds.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |