It turns out that a hacker supported by the Russian government was hacking a U.S. government agency and monitoring the contents of emails etc.

It is reported that Russia has a hacker group supported by government agencies, attacking

the organizers and sponsors of the 2020 US presidential election and the Tokyo Olympics . It was newly reported that a Russian hacker had hacked a cybersecurity company that had a contract with a US government agency and was monitoring the emails of state agencies such as the US Treasury .

Suspected Russian hackers spied on US Treasury emails --sources | Reuters

Russian government spies are behind a broad hacking campaign that has breached US intervention and a top cyber firm --The Washington Post firm / 2020/12/13 / d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html

Hacked: Top cybersecurity firm FireEye says'nation-state' is culprit

In December 2020, a hacker who seems to be supported by the Russian government launched an attack on a cyber security company against Reuters, a detailed information provider inside the U.S. government, under the umbrella of the U.S. Treasury Department and the U.S. Department of Commerce . He said he was monitoring the National Telecommunications and Information Administration (NTIA) emails.

The Federal Bureau of Investigation (FBI) believes that the hacking attack was due to ' APT29 (CozyBear) ' and is proceeding with an investigation. APT29 is believed to be supported by the Russian Foreign Intelligence Service (SVR) and is said to have hacked the US State Department and the White House during the Obama administration, as well as a research organization for the new coronavirus vaccine. I will.

Report that a group of hackers whispering Russian government involvement is hacking a research organization for the new coronavirus vaccine --GIGAZINE

It has been pointed out that hacker groups may have attacked cybersecurity companies that have government agencies as customers in order to hack US government agencies. On December 13, 2020, Texas-based SolarWinds secretly tampered with software updates released in March and June by a manual supply chain attack by a highly sophisticated and targeted state. It may have been done. ' According to someone familiar with the set of issues, SolarWinds is believed to have become a hacker's intrusion channel.

Also, in early December 2020, California-based FireEye was attacked by a hacker and reported that a toolkit was stolen to investigate customer systems and find security weaknesses. .. Hacking to FireEye also seen that it is part of a series of cyber attacks, The Washington Post is that there is a high possibility this attack is due to APT29 was reported .

'The US government is aware of these issues and will take all necessary steps to identify and resolve any possible issues related to this situation,' said John Ullyot, a spokeswoman for the National Security Council. We are taking steps. ' The Commerce Department, whose infrastructure was hacked, said it had asked cybersecurity and the FBI to investigate. Hacking against government agencies was significant, and informants reported to Reuters that a National Security Council was held at the White House on December 12.

In a large-scale cyberattack, it can take months or years for authorities to determine what information was stolen and what it was used for. The overall scope of the hacking attack remains unknown, but sources said the hacker broke into Microsoft's Office 365 used by the NTIA and monitored email for several months.

A spokeswoman for the Cyber Security and Infrastructure Security Agency (CISA) said, 'We have been working closely with agency partners on recently discovered hacking activities on government networks. CISA has potentially compromised affected agencies. We are providing technical assistance to identify and mitigate the impact, 'he told Reuters. The FBI, Treasury, and Microsoft did not comment on Reuters.

in Software,   Web Service,   Security, Posted by log1h_ik