fbpx
Connect with us

News

US agencies hacked in monthslong global cyberspying campaign

Inside Telecom Staff

Published

 on

Cybersecurity

U.S. government agencies were ordered to scour their networks for malware and disconnect potentially compromised servers after authorities learned that the Treasury and Commerce departments were hacked in a monthslong global cyberespionage campaign discovered when a prominent cybersecurity firm learned it had been breached.

In a rare emergency directive issued late Sunday, the Department of Homeland Security’s cybersecurity arm warned of an “unacceptable risk” to the executive branch from a feared large-scale penetration of U.S. government agencies that could date back to mid-year or earlier.

“This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch.

The hacked cybersecurity company, FireEye, would not say who it suspected — many experts believe the operation is Russian given the careful tradecraft — and noted that foreign governments and major corporations were also compromised.

News of the hacks, first reported by Reuters, came less than a week after FireEye disclosed that nation-state hackers had broken into its network and stolen the company’s own hacking tools.

The apparent conduit for the Treasury and Commerce Department hacks — and the FireEye compromise — is a hugely popular piece of server software called SolarWinds. It is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies that will now be scrambling to patch up their networks, said Alperovitch, the former chief technical officer of the cybersecurity firm CrowdStrike.

The DHS directive — only the fifth since they were created in 2015 — said U.S. agencies should immediately disconnect or power down any machines running the impacted SolarWinds software.

FireEye, without naming any specific targets, said in a blog post that its investigation into the hack of its own network had identified “a global campaign” targeting governments and the private sector that, beginning in the spring, had slipped malware into a SolarWinds software update. Neither the company nor the U.S. government publicly identified Russian state-backed hackers as responsible.

The malware gave the hackers remote access to victims’ networks, and Alperovitch said SolarWinds grants “God-mode” access to a network, making everything visible.

“We anticipate this will be a very large event when all the information comes to light,” said John Hultquist, director of threat analysis at FireEye. “The actor is operating stealthily, but we are certainly still finding targets that they manage to operate in.”

On its website, SolarWinds says it has 300,000 customers worldwide, including all five branches of the U.S. military, the Pentagon, the State Department, NASA, the National Security Agency, the Department of Justice and the White House. It says the 10 leading U.S. telecommunications companies and top five U.S. accounting firms are also among customers.

FireEye said it had confirmed infections in North America, Europe, Asia and the Middle East, including in the health care and oil and gas industry — and had been informing affected customers around the world in the past few days. It’s customers include federal, state and local governments and top global corporations.

It said that malware that rode the SolarWinds update did not seed self-propagating malware — like the NotPetya malware blamed on Russia that caused more than $10 billion in damage globally — and that any actual infiltration of an infected organization required “meticulous planning and manual interaction.”

That means it’s a good bet only a subset of infected organizations were being spied on by the hackers. Nation-states have their cyberespionage priorities, which include COVID-19 vaccine development.

On Sunday, Russia’s U.S. embassy described as “unfounded” in a post on its Facebook page the “attempts of the U.S. media to blame Russia for hacker attackes on U.S. governmental bodies.”

The Treasury Department referred requests for comment to the National Security Council, whose spokesman, John Ullyot, said the government was “taking all necessary steps to identify and remedy any possible issues related to this situation.”

The government’s Cybersecurity and Infrastructure Security Agency said it was working with other agencies to help “identify and mitigate any potential compromises.” The FBI said it was engaged in a response but declined to comment further.

President Donald Trump last month fired the director of CISA, Chris Krebs, after Krebs vouched for the integrity of the presidential election and disputed Trump’s claims of widespread electoral fraud.

In a tweet Sunday, Krebs said “hacks of this type take exceptional tradecraft and time,” adding that he believed that its impact was only beginning to be understood.

Federal agencies have long been attractive targets for foreign hackers looking to gain insight into American government personnel and policymaking.

Hackers linked to Russia, for instance, were able to break into the State Department’s email system in 2014, infecting it so thoroughly that it had to be cut off from the internet while experts worked to eliminate the infestation. A year later, a hack at the U.S. government’s personnel office blamed on China compromised the personal information of some 22 million current, former and prospective federal employees, including highly sensitive data such as background investigations.

The intrusions disclosed Sunday included the Commerce Department’s agency responsible for internet and telecommunications policy. A spokesperson confirmed a “breach in one of our bureaus” and said “we have asked CISA and the FBI to investigate.”

Austin, Texas-based SolarWinds confirmed Sunday a “potential vulnerability” related to updates released between March and June for software products called Orion that help monitor networks for problems.

“We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state,” said SolarWinds CEO Kevin Thompson said in a statement. He said it was working with the FBI, FireEye and intelligence community.

FireEye announced on Tuesday that it had been hacked, saying foreign state hackers with “world-class capabilities” broke into its network and stole tools it uses to probe the defenses of its thousands of customers. The hackers “primarily sought information related to certain government customers,” FireEye CEO Kevin Mandia said in a statement, without naming them.

Former NSA hacker Jake Williams, the president of the cybersecurity firm Rendition Infosec, said FireEye surely told the FBI and other federal partners how it had been hacked and they determined that Treasury had been similarly compromised.

“I suspect that there’s a number of other (federal) agencies we’re going to hear from this week that have also been hit,” Williams added.

FireEye responded to the Sony and Equifax data breaches and helped Saudi Arabia thwart an oil industry cyberattack — and has played a key role in identifying Russia as the protagonist in numerous aggressions in the burgeoning netherworld of global digital conflict.

Mandia said there was no indication they got customer information from the company’s consulting or breach-response businesses or threat-intelligence data it collects.


WASHINGTON (AP) — By ERIC TUCKER, FRANK BAJAK and MATT O’BRIEN Associated Press

Bajak reported from Boston and O’Brien from Providence, Rhode Island.

Advertisement

We’re a diverse group of industry professionals from all corners of the world. Our desire is to provide a high-quality telecoms publication that caters to an international market, offering the latest and most relevant telecoms information to businesses, entrepreneurs and enthusiasts.

News

GM looking to build 2nd US battery factory, Tennessee likely

Associated Press

Published

 on

GM looking to build 2nd US battery factory, Tennessee likely

General Motors says it’s looking for a site to build a second U.S. battery factory with joint venture partner LG Chem of Korea.

The companies hope to have a decision on a site in the first half of the year, spokesman Dan Flores said Thursday.

Flores would not say where the company is looking, but it’s likely to be near GM’s Spring Hill, Tennessee, factory complex, which is one of three sites the company has designated to build electric vehicles.

A joint venture between GM and LG Chem currently is building a $2 billion battery factory in Lordstown, Ohio, near Cleveland, that will employ about 1,000 people. The site is fairly close to GM’s two other designated electric vehicle plants, one in Detroit and the other north of the city in Orion Township, Michigan.

GM is likely to need far more battery capacity if it’s able to deliver on a goal of converting all of its new passenger vehicles from internal combustion engines to electricity by 2035.

LG Chem now has a battery cell plant in Holland, Michigan, that supplies power to the Chevrolet Bolt hatchback and the new Bolt electric SUV.

Industry analysts have said that automakers face a global shortage of batteries as the industry moves away from gasoline powered vehicles. Most of the world’s batteries are built in China and other countries.

The Wall Street Journal first reported that GM and LG Chem are pursuing a site in Tennessee to build a new battery plant.

GM’s venture is risky, at least based on U.S. electric vehicle sales. Last year full battery electric vehicles accounted for only 2% of the U.S. market of 14.6 million in new vehicle sales. But automakers are set to roll out 22 new electric models this year and are baking on wider consumer acceptance.

The consulting firm LMC Automotive predicts that U.S. battery powered vehicle sales will hit over 1 million per year starting in 2023, reaching over 4 million by 2030.


DETROIT (AP) — By TOM KRISHER

Continue Reading

News

UK competition watchdog investigates Apple’s App Store

Associated Press

Published

 on

UK competition watchdog investigates Apple's App Store

U.K. authorities have launched an investigation into Apple’s App Store over concerns it has a dominant role that stifles competition and hurts consumers.

The Competition and Markets Authority said Thursday it was looking into “suspected breaches of competition law” by Apple. The announcement adds to regulatory scrutiny of the iPhone maker’s app distribution platform, which is also the subject of three antitrust probes by the European Union’s executive Commission.

Apple said the App Store is “a safe and trusted place for customers” and a “great business opportunity for developers.”

The investigation was triggered in part by complaints from app developers that Apple will only let them distribute their apps to iPhone and iPad users through the App Store. The developers also complained that the company requires any purchases of apps, add-ons or upgrades to be made through its Apple Pay system, which charges up to 30% commission.

“Millions of us use apps every day to check the weather, play a game or order a takeaway,” Andrea Coscelli, the authority’s CEO, said in a statement. “So, complaints that Apple is using its market position to set terms which are unfair or may restrict competition and choice – potentially causing customers to lose out when buying and using apps – warrant careful scrutiny.”

The watchdog said it would consider whether Apple has a “dominant position” in app distribution for Apple devices in the U.K., and, if it does, whether the company “imposes unfair or anti-competitive terms on developers” that results in less choice or higher prices for consumers buying apps and extra.

Apple said it looked forward to explaining its App Store guidelines to the U.K. watchdog.

“We believe in thriving and competitive markets where any great idea can flourish,” the company said by email. “The App Store has been an engine of success for app developers, in part because of the rigorous standards we have in place — applied fairly and equally to all developers — to protect customers from malware and to prevent rampant data collection without their consent.”

By The Associated Press

Continue Reading

News

UK extends job support, tax breaks for pandemic-hit economy

Associated Press

Published

 on

UK extends job support, tax breaks for pandemic-hit economy

Britain’s treasury chief on Wednesday announced an additional 65 billion pounds ($91 billion) of support for an economy ravaged by the coronavirus pandemic, extending job support programs and temporary tax cuts to help workers and businesses in his annual budget.

Chancellor of the Exchequer Rishi Sunak told the House of Commons that it is too soon for the government to rein in spending, saying that his plans would “protect the jobs and livelihoods of the British people” through September as the government slowly lifts lockdown restrictions that have shut businesses across the U.K.

At the same time, he said Britain must be prepared to cut the deficit, announcing plans to increase the tax on corporate profits and boost revenue from personal income taxes in 2023.

“An important moment is upon us,” Sunak told the House of Commons. “A moment of challenge and of change. Of difficulties, yes, but of possibilities, too. This is a budget that meets that moment.”

U.K. public borrowing has risen to levels not seen since World War II as the government seeks to cushion the fallout from COVID-19, which has reduced gross domestic product by 10% and cost more than 700,000 people their jobs. Projections released Wednesday by the Office for Budget Responsibility show that the economy will still be 3% smaller five years from now than it would have been without the pandemic.

Sunak said government support programs have succeeded in mitigating the impact. The unemployment rate is now expected to peak at about 6.5%, rather than the 11.9% forecast last July, he said, citing estimates from the Office for Budget Responsibility. The economy is forecast to grow 4% this year and 7.3% in 2022.

On Wednesday, Sunak announced plans to extend those support programs for six months. They include a furlough program, under which the government pays 80% of the wages for private employees unable to work during the pandemic, as well as grants for self-employed workers, a temporary increase in welfare payments and tax relief for businesses.

Sunak cheered business leaders by offering a tax credit of up to 130% of the money companies invest in expanding and improving their operations. Sunak said the credit is expected to increase investment by 10% or 25 billion pounds over the next two years, creating jobs and boosting economic growth.

Stephen Phipson, chief executive of Make UK, described the policy as bold.

“Manufacturers have strong intentions to invest in capital equipment as well as digital and green technologies which are crucial for our long-term recovery,” he said. “Today’s announcement should help turbocharge investment to ensure that those plans turn into reality in the short-term.”

Looking to the future, Sunak said the government will in 2023 increase corporation tax to 25%, from the current rate of 19%, and freeze personal income tax thresholds, which will increase revenue as inflation boosts incomes.

But opposition leader Keir Starmer accused Sunak of failing to address deep-seated economic problems and banking on a “consumer spending blitz” to bail out the economy.

Starmer said the budget fails millions of key workers who are having their pay frozen, businesses swamped by debt, and families paying higher local property taxes.

“The central problem in our economy is a deep-rooted insecurity and inequality, and this budget isn’t the answer to that,” Starmer said. “So rather than the big, transformative budget that we needed, this budget simply papers over the cracks.”

Ian Blackford, the Scottish National Party’s leader in Parliament, criticized Sunak for continuing a strategy of temporary support that leaves businesses and consumers unsure of the future.

The budget leaves Scottish voters with a clear choice as the SNP campaigns to hold a second referendum on independence from the U.K., Blackford said.

“For the people of Scotland, this budget comes at a critical moment of choice,” he said, echoing Sunak’s language. “Post-Brexit and post-pandemic, Scotland now has a choice of two futures: The long-term damage of Brexit and more Tory austerity cuts, or the opportunity to protect her place in Europe and to build a strong, fair and green recovery with independence.”

LONDON (AP) — By DANICA KIRKA

Continue Reading

Trending