SolarWinds hack may have been more damaging than previously thought
Grabbing policy documents was probably the greatest win for the attackers, reports claim
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
TheSolarWindshackers reportedly got their hands on information about counterintelligence investigations, the US’ policy on sanctioning Russian individuals and its response to COVID-19.
The campaign was widely publicized when it was eventually outed late last year. The US governmentpins the attack on Russia’s SVRforeign intelligence service, which denies any involvement in the campaign.
Despitemonths of investigation, which has identified several targets, including SolarWinds andMicrosoft, there has been virtually no revelations about the intentions of the attackers.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Click here to start the survey in a new window«
However, anonymous sources have now toldReutersthat the attackers were hoping to gather intelligence on the US government’s decision-making policy.
Intelligence loss
Microsoft recently revealed Russia as a leading proponent for conducting cyber crimes using state-sponsored actors.
In their annual Digital Defense Report, Microsoft shared that the SolarWinds attackers were digging for government material on sanctions and other Russia-related policies, along with information about the methods the country employs to catch Russian hackers.
Anonymous sources involved in the US government’s investigation into the matter revealed that they could see the terms that the attackers used as they combed through the US government files, and one of the keywords searched was “sanctions.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Speaking toReuters, Chris Krebs, former head of US’ Cybersecurity and Infrastructure Security Agency (CISA) and now an adviser to various companies including SolarWinds, said the combined descriptions of the attackers’ goals sounds logical.
During the SolarWinds campaign the attackers managed to breach about nine federal agencies,read emailsof various government departments, made away with confidentialsource code from Microsoft, and other companies, and more.
Despite all this, one of the people involved in the investigation went as far as to tellReutersthat the exposure of counter-intelligence matters being pursued against Russia, was the worst of the losses.
ViaReuters
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Cisco issues patch to fix serious flaw allowing possible industrial systems takeover
Washington state court systems taken offline following cyberattack
Lego will let you build Sir Ernest Shackleton’s iconic lost ship, the Endurance, in its next Icons set
