Saturday, December 19, 2020

Why are Fortune 500 companies silent on hack of their customers?

I began my morning by reading the first article and then the subsequent articles, and I want to know the answers to why "Fortune 500 companies" who were hacked [per news reports] when the US government was hacked have not informed their customers? Read the articles, my comments and my questions to understand this better.

"Reuters identified Cox Communications Inc and Pima County, Arizona government as victims of the intrusion by running a publicly available coding script here from researchers at Moscow-based private cybersecurity firm Kaspersky..." "The breaches of U.S. government agencies, first revealed by Reuters on Sunday, hit the Department of Homeland Security, the Treasury Department, State Department and Department of Energy."

https://www.reuters.com/article/us-global-cyber/hackers-broad-attack-sets-cyber-experts-worldwide-scrambling-to-defend-networks-idUSKBN28S2V3

On web 19Dec2020; 8:17am

Congress says US govt massive hack is act of war:

(Reuters) - The suspected Russian hack of U.S. government agencies has led to heated rhetoric from lawmakers, with U.S. Senator Dick Durbin calling it “virtually a declaration of war” and U.S. Senator Marco Rubio saying that “America must retaliate, and not just with sanctions.”

But cybersecurity and legal experts said the hack would not be considered an act of war under international law and will likely go down in history as an act of espionage." [Question: wouldn't organized espionage of many US govt agencies be an act of war?]...

The breached federal agencies include the Commerce Department, Treasury Department, and Department of Energy."..

A Department of Defense law of war manual states that some cyber operations should be subject to the same rules as physical, or “kinetic” attacks. Examples include operations that “trigger a nuclear plant meltdown; open a dam above a populated area, causing destruction; or disable air traffic control services, resulting in airplane crashes.”

https://www.reuters.com/article/global-cyber-legal/explainer-u-s-government-hack-espionage-or-act-of-war-idUSKBN28T0HH

On web 19Dec2020;8:42am

The US govt hack also involved other countries:

"The type of web record, known as a CNAME, includes an encoded unique identifier for each victim and shows which of the thousands of “backdoors” available to them the hackers chose to open, said Kaspersky researcher Igor Kuznetsov."...

Microsoft, which was one of the thousands of companies to receive the malicious update, said it had currently notified more than 40 customers whose networks were further infiltrated by the hackers. Around 30 of those customers were in the United States, it said, with the remaining victims found in Canada, Mexico, Belgium, Spain, Britain, Israel and the United Arab Emirates. Most worked information technology companies, as well as some think tanks and government organisations."

[and from reading it also involved Pima County [Tucson] Arizona and Cox Communications which is in 19 states and has 607 service areas for internet via cable].

https://www.reuters.com/article/us-usa-cyber/solarwinds-hackers-broke-into-u-s-cable-firm-and-arizona-county-web-records-show-idUSKBN28S2B9

& More on cyber-attack against US govt:

"The bulletin from DHS' Cybersecurity and Infrastructure Security Agency (CISA), represented the most striking assessment yet of a cascading threat to federal, state and local networks. "CISA has determined that this threat poses a grave risk to the federal government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations," the bulletin stated."...

"At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration (NNSA). When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.”...

The system is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies, which will now be scrambling to patch up their networks.

https://www.usatoday.com/story/news/politics/2020/12/17/ongoing-cyberattack-poses-grave-risk-government-private-sector/3946658001/

On web 19Dec2020;8:49am

& more on that:

"some Trump administration officials acknowledged that other federal agencies — the State Department, the Department of Homeland Security and parts of the Pentagon — had been compromised."

Among those who use SolarWinds [malware-added] software are the Centers for Disease Control and Prevention, the State Department, the Justice Department, parts of the Pentagon and a number of utility companies"...

Two of the most embarrassing breaches came at the Pentagon and the Department of Homeland Security, whose Cybersecurity and Infrastructure Security Agency oversaw the successful defense of the American election system last month"

[My comment: does NY Times think all US citizens are STUPID? The breach was the voter manipulation that Trump talked about that was the method of electing Biden falsely.]...

A government official, who requested anonymity to speak about the investigation, made clear that the Homeland Security Department, which is charged with securing civilian government agencies and the private sector, was itself a victim of the complex attack."...

Investigators were also focused on why the Russians targeted the Commerce Department’s National Telecommunications and Information Administration, which helps determine policy for internet-related issues, including setting standards and blocking imports and exports of technology that is considered a national security risk. But analysts noted that the agency deals with some of the most cutting-edge commercial technologies, determining what will be sold and denied to adversarial countries.

Nearly all Fortune 500 companies, including The New York Times, use SolarWinds products to monitor their networks. So does Los Alamos National Laboratory, where nuclear weapons are designed, and major defense contractors like Boeing, which declined on Monday to discuss the attack."

[Question: isn't Cox Communications a subsidiary of: "Cox Media Group, Inc. (CMG) is an American media conglomerate principally owned by Apollo Global Management in conjunction with Cox Enterprises, which maintains a 19.9% minority stake in the company. The company primarily owns radio and television stations—many of which are located in the South, Pacific Northwest, Eastern Midwest, and Northeast, and the regional cable news network Pittsburgh Cable News Channel (PCNC)"?? According to:

en.wikipedia.org › wiki › Cox_Enterprises

"Cox Enterprises, Inc. is a privately held global conglomerate headquartered in Atlanta, Georgia, United States, with approximately 55,000 employees and $21 billion in total revenue. Its major operating subsidiaries are Cox Communications, Cox Automotive, ... Governor Cox purchased the Atlanta Journal in 1939 as well as the WSB ..", they are.

Q2: why has The Atlanta Journal IGNORED this story about cyber-attack on them? https://www.nytimes.com/2020/12/14/us/politics/russia-hack-nsa-homeland-security-pentagon.html

19Dec2020; 9am

& it seems some knew about the cyber attack in advance:

“After 9/11 we learned a lot about warning signals that weren’t spotted," Sen. Angus King (I-Maine), co-chair of the Solarium Commission along with Rep. Mike Gallagher (R-Wis.), told me. “In this case, the signals are gigantic neon signs. This is the longest windup for a punch in the history of the world. We know it’s coming but we just don’t know how or when.”

https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2020/06/30/the-cybersecurity-202-commission-s-plan-to-avert-devastating-cyberattack-faces-uphill-battle-9-11-era-officials-say/5efa223c602ff10807191592/

19Dec2020; 9:39am

& "City officials quickly reached out to the FBI, the Department of Homeland Security and the Secret Service and experts in the private sector, including Secureworks, as well as incident response teams from Microsoft and Cisco. They also worked with staff from Atlanta Information Management (AIM) to identify the threat and its magnitude, and to protect the perimeter of the technology footprint." from Oct/Nov 2018: https://www.govtech.com/security/What-Can-We-Learn-from-Atlanta.html

Heritage Foundation was 1 of the companies hacked when the US govt was hacked:

https://www.heritage.org/cybersecurity/commentary/hack-us-agencies-fortune-500-firms-highlights-need-cybersecurity

19Dec2020; 9:44am

Fortune 500 companies were hacked too:

"Hackers penetrated Orion’s update system, introducing malicious code disguised as legitimate Orion updates, according to blog posts by FireEye and Microsoft Corp. The malicious vulnerability existed in updates between March and June, the company said. The hacking tool embedded within the update even stored stolen data within the Orion software as to evade detection, according to FireEye. The result was that hackers could snoop on a company’s network all while appearing as legitimate traffic"...

“The victims have included government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East,” according to FireEye. “We anticipate there are additional victims in other countries and verticals."

https://fortune.com/2020/12/15/solarwinds-hackers-u-s-agencies/

& more on how secretive the Fortune 500 companies are about informing their clients of hack that stole info:

https://techcrunch.com/2020/12/17/fireeye-breach-solarwinds-federal-agencies/

19Dec2020;9:52am

US DoJ requires that hacking into businesses be reported [https://www.justice.gov/criminal-ccips/reporting-computer-internet-related-or-intellectual-property-crime], so why haven't the Fortune 500 companies who were reported in several news reports as being hacked by the SolarWinds/Microsoft hack been publicly announced/reported so their customers are not blind-sided?

Also see https://www.ic3.gov.

19Dec2020; 9:55am

Posted by me, Gloria Poole, Registered Nurse, artist; Springfield, Missouri, on 19th Dec 2020 at 10:41am.