Warm Southern Breeze

"… there is no such thing as nothing."

Russians Attack-Hack American National Security Cyber Infrastructure. Loser In Chief POS45 Does Nothing. Why?

Posted by Warm Southern Breeze on Friday, December 18, 2020

The President’s ongoing failure to secure America’s national security secrets – which are of significantly greater importance than illegal immigration – has cost untold lives, not only in the military service, but in the clandestine services as well. And precisely because these matters are TOP SECRET, they do NOT make front page news, nightly news, Faux newz, nor any other news gathering and reporting agency, such as the Associated Press.

This failure – which is by no means new, for it happened first in 2018, and can be traced back to 2016 as Russian election interference – can ALL be laid at the feet of the one-term Banana Republican POS45 Loser in Chief also known as “Donald J. Trump.”

There was a reason why the Russians wanted Trump elected.


Romney: “Stunning” That Trump Unresponsive To Russian Cyberattack

https://thehill.com/homenews/senate/530738-romney-stunning-for-white-house-not-to-respond-on-russian-cyberattack

Utah Republican Senator Mitt Romney said on Thursday that it was “stunning” for the White House to not issue a response regarding multiple Russian cyber attacks upon U.S. government resources.

“I think the White House needs to say something aggressive about what happened. This is almost as if you had a Russian bomber flying undetected over the country, including over the nation’s capital, and not to respond in a setting like that is really stunning,” Romney said to Olivier Knox, SiriusXM’s Chief Washington Correspondent.

Utah Republican Senator Mitt Romney 12-17-20 Tweet on Russian cyber hack in US

The senator tweeted an abbreviated version of the statement he told SiriusXM’s Chief Washington Correspondent Olivier Knox in a prerecorded interview, noting the recent reports of Russian hacks into government agencies showed “alarming U.S. vulnerability” and “apparent cyber warfare weakness.”

On Sunday, reports emerged showing that the U.S. Treasury Department and a Commerce Department agency had been breached by a Russian military intelligence unit known as “Cozy Bear,” which is responsible for past hacks into government agencies.

The Republican senator’s comments come one day after Democratic Illinois Senator Dick Durbin voiced similar thoughts about the recent alleged Russian hacks, calling it “virtually a declaration of war by Russia on the United States and we should take that seriously.”

President Trump has not addressed the latest hacks reported by Reuters on Sunday, and CNBC reported that White House spokeswoman Kayleigh McEnany said Tuesday the administration is “taking a hard look into this.”

The White House had no response when asked about the matter by The Hill.

President-elect Joe Biden continues being outspoken regarding the latest suspected Russian hacking, and said his incoming national security team has been briefed by officials privy to the matter.

The President-elect said in part that, “My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office. Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation.”

The Cybersecurity and Infrastructure Security Agency (CISA) told congressional staffers this week the perpetrator behind the alleged cyberattack is “highly sophisticated.”

CISA officials said further that “it will take weeks, if not months, to determine the total number of agencies affected by the attack and the extent to which sensitive data and information may have been compromised.”


The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter. U.S. officials have not said much publicly beyond the Commerce Department confirming there was a breach at one of its agencies and that they asked the Cybersecurity and Infrastructure Security Agency and the FBI to investigate.

National Security Council spokesman John Ullyot added that they “are taking all necessary steps to identify and remedy any possible issues related to this situation.”

The U.S. government has not publicly identified who might be behind the hacking, but three of the people familiar with the investigation said Russia is currently believed to be responsible for the attack.

Two of the people said that the breaches are connected to a broad campaign that also involved the recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts. In a statement posted on Facebook, the Russian foreign ministry described the allegations as another unfounded attempt by the U.S. media to blame Russia for cyberattacks against U.S. governmental agencies.

The cyber spies are believed to have gotten in by clandestinely tampering with updates released by IT company SolarWinds, which serves government customers across the executive branch, the military, and the intelligence services.

The trick – often referred to as a “supply chain attack” – works by hiding malicious code in the body of legitimate software updates provided to targets by third parties.

In a statement released late Sunday, the Austin, Texas-based company said that updates to its monitoring software released between March and June of this year may have been subverted by what it described as a “highly-sophisticated, targeted and manual supply chain attack by a nation state.”

The company declined to offer any further detail, but the diversity of SolarWind’s customer base has sparked concern within the U.S. intelligence community that other government agencies may be at risk, according to four people briefed on the matter.

SolarWinds says on its website that its customers include most of America’s Fortune 500 companies, the top 10 U.S. telecommunications providers, all five branches of the U.S. military, the State Department, the National Security Agency, and the Office of President of the United States.


SAN FRANCISCO (Reuters) – Microsoft Corp said on Thursday it found malicious software in its systems related to a massive hacking campaign disclosed by U.S. officials this week, adding a top technology target to a growing list of attacked government agencies.

The Redmond, Washington company is a user of Orion, the widely deployed networking management software from SolarWinds Corp which was used in the suspected Russian attacks on vital U.S. agencies and others. Microsoft also had its own products leveraged to attack victims, said people familiar with the matter. The U.S. National Security Agency issued a rare “cybersecurity advisory” Thursday detailing how certain Microsoft Azure cloud services may have been compromised by hackers and directing users to lock down their systems.

“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,” a Microsoft spokesperson said, adding that the company had found “no indications that our systems were used to attack others.”

One of the people familiar with the hacking spree said the hackers made use of Microsoft cloud offerings while avoiding Microsoft’s corporate infrastructure. Microsoft did not immediately respond to questions about the technique. Still, another person familiar with the matter said the Department of Homeland Security (DHS) does not believe Microsoft was a key avenue of fresh infection. Both Microsoft and the DHS, which earlier on Thursday said the hackers used multiple methods of entry, are continuing to investigate.

The FBI and other agencies scheduled a Friday classified briefing for members of Congress. The U.S. Energy Department also said it has evidence hackers gained access to its networks as part of the campaign.

Politico had earlier reported the National Nuclear Security Administration (NNSA), which manages the country’s nuclear weapons stockpile, was targeted.

An Energy Department spokeswoman said malware “has been isolated to business networks only” and has not impacted U.S. national security, including the NNSA. The DHS issued a bulletin on Thursday 17 December 2020 that the hackers had used other techniques besides corrupting updates of network management software by SolarWinds, which is used by hundreds of thousands of companies and government agencies.

CISA urged investigators not to assume their organizations were safe if they did not use recent versions of the SolarWinds software, while also pointing out that the hackers did not exploit every network they gained access to. CISA said it was continuing to analyze the other avenues used by the attackers. So far, the hackers are known to have at least monitored email or other data within the U.S. Departments of Defense, State, Treasury, Homeland Security and Commerce.

As many as 18,000 Orion customers downloaded the updates that contained a back door, SolarWinds has said. Since the campaign was discovered, software companies have cut off communication from those back doors to the computers maintained by the hackers.

But the attackers might have installed additional ways of maintaining access, CISA said, in what some have called the biggest hack in a decade. The Department of Justice, FBI and Defense Department, among others, have moved routine communication onto classified networks that are believed not to have been breached, according to two people briefed on the measures.

They are assuming that the non-classified networks have been accessed, the people said. CISA and private companies including FireEye Inc, which was the first to discover and reveal it had been hacked, have released a series of clues for organizations to look for to see if they have been hit. But the attackers are very careful and have deleted logs, or electronic footprints or which files they have accessed, security experts said.

That makes it hard to know what has been taken. Some major companies have said they have “no evidence” that they were penetrated, but in some cases that may only be because the evidence was removed. In most networks, the attackers would also have been able to create false data, but so far it appears they were interested only in obtaining real data, people tracking the probes said. Meanwhile, members of Congress are demanding more information about what may have been taken and how, along with who was behind it.

The House Homeland Security Committee and Oversight Committee announced an investigation Thursday, while senators pressed to learn whether individual tax information was obtained.

In a statement, President-elect Joe Biden said he would “elevate cybersecurity as an imperative across the government” and “disrupt and deter our adversaries” from undertaking such major hacks.


Russian hacker group “Fancy Bear,” which is very likely state-sponsored, has already electronically stolen very sensitive U.S. data and American secrets during this administration.

Russian Cyber Spies Have Stolen Secret U.S. Military Drone And Defence Data

WASHINGTON — Russian cyberspies pursuing the secrets of military drones and other sensitive U.S. defense technology tricked key contract workers into exposing their email to theft, an Associated Press investigation has found.

What ultimately may have been stolen is uncertain, but the hackers clearly exploited a national vulnerability in cybersecurity: poorly protected email and barely any direct notification to victims.

The hackers known as Fancy Bear, who also intruded in the U.S. election, went after at least 87 people working on militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities, the AP found.

Employees at both small companies and defense giants like Lockheed Martin Corp., Raytheon Co., Boeing Co., Airbus Group and General Atomics were targeted by the hackers. A handful of people in Fancy Bear’s sights also worked for trade groups, contractors in U.S.-allied countries or on corporate boards.

An Associated Press investigation finds that Russian cyber spies exploiting a national vulnerability in cybersecurity are trying to break into the emails of scores of people working on military drone technology. (Feb. 7)

“That’s what’s really scary,” added Sowell, who was one of the hacking targets.

The AP identified the defense and security targets from about 19,000 lines of email phishing data created by hackers and collected by the U.S.-based cybersecurity company Secureworks, which calls the hackers Iron Twilight. The data is partial and extends only from March 2015 to May 2016. Of 87 scientists, engineers, managers and others, 31 agreed to be interviewed by the AP.

Countries like Russia are racing to make better drones as the remote-control aircraft have moved to the forefront of modern warfare. They can fire missiles, hunt down adversaries, or secretly monitor targets for days — all while keeping human pilots safely behind computer controls.

The U.S. Air Force now needs more pilots for drones than for any other single type of aircraft, a training official said last year. Drones will lead growth in the aerospace industry over the next decade, with military uses driving the boom, the Teal Group predicted in November. Production was expected to balloon from $4.2 billion to $10.3 billion.

So far, though, Russia has nothing that compares with the new-generation U.S. Reaper, which has been called “the most feared” U.S. drone. General Atomics’ 5,000-pound mega-drone can fly more than 1,000 miles (1,600 kilometers) to deliver Hellfire missiles and smart bombs. It has seen action in Afghanistan, Iraq and Syria.

The hackers went after General Atomics, targeting a drone sensor specialist. He did not respond to requests for comment.

They also made a run at the Gmail account of Michael Buet, an electronics engineer who has worked on ultra-durable batteries and high-altitude drones for SunCondor, a small South Carolina company owned by Star Technology and Research. Such machines could be a useful surveillance tool for a country like Russia, with its global military engagements and vast domestic border frontier.

“This bird is quite unique,” said Buet. “It can fly at 62,000 feet (18,600 meters) and doesn’t land for five years.”

The Russians also appeared eager to catch up in space, once an arena for Cold War competition in the race for the moon. They seemed to be carefully eyeing the X-37B, an American unmanned space plane that looks like a miniature shuttle but is shrouded in secrecy.

In a reference to an X-37B flight in May 2015, Russian Deputy Prime Minister Dmitry Rogozin invoked the vehicle as evidence that his country’s space program was faltering. “The United States is pushing ahead,” he warned Russian lawmakers.

Less than two weeks later, Fancy Bear tried to penetrate the Gmail account of a senior engineer on the X-37B project at Boeing.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 
%d bloggers like this: