Posted on 12/17/2020 1:11:47 PM PST by Mariner
The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said.
On Thursday, DOE and NNSA officials began coordinating notifications about the breach to their congressional oversight bodies after being briefed by Rocky Campione, the chief information officer at DOE.
They found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE. The hackers have been able to do more damage at FERC than the other agencies, the officials said, but did not elaborate.
Federal investigators have been combing through networks in recent days to determine what hackers had been able to access and/or steal, and officials at DOE still don’t know whether the attackers were able to access anything, the people said, noting that the investigation is ongoing and they may not know the full extent of the damage “for weeks.”
(Excerpt) Read more at politico.com ...
Wonderful.......
obviously some elements in the government have toys with which they can hurt themselves and the rest of us!
Unfortunately, not true. There are very important defensive systems on the SIPRNet, sigh...
Cheer up! We’re putting a senile old man in charge of the nuclear codes!
It’s been widely disclosed that Russia was behind it.
Orion is not a C&C platform; it’s used for monitoring. Most environments are monitored using SNMP or WMI. SNMP is a stupid simple protocol to compromise for signal data, and it is often recommended that it be shut down or heavily firewalled point-to-point.
But it's impossible for Democrats to have hacked the voting machines?
SNMP V2 can configure every device in the network.
https://www.solarwinds.com/solutions/orion
SolarWinds graduated to the mythical “single pane of glass” with Orion.
How, exactly?
It can’t be too widely disclosed if I haven’t read about it. 😊
Most orgs don’t use that functionality due to risk. I’ve worked in healthcare, financial, and government industry IT auditing and every regulatory body prohibits or requires extensive curtailment of rights for SNMP due to risk. There are better C&C platforms out there that don’t require SNMP.
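As an added example (not code from any poster in this thread), a small Python audit that flags the SNMP settings the posts above call out as risky: default or read-write community strings, communities with no source ACL (i.e. not firewalled point-to-point), and v1/v2c trap destinations that carry the community string in cleartext. The configuration text is a constructed Cisco IOS-style snippet, not taken from any real device.

```python
import re

# Constructed sample of IOS-style SNMP configuration (hypothetical device).
SAMPLE_CONFIG = """\
snmp-server community public RO
snmp-server community private RW
snmp-server community n0cM0n1tor RO 10
snmp-server group NETMON v3 priv
snmp-server user monitor NETMON v3 auth sha EXAMPLEPASS priv aes 128 EXAMPLEPASS
snmp-server host 10.0.0.5 version 2c private
access-list 10 permit 10.0.0.5
"""

# 'snmp-server community <name> <RO|RW> [<acl>]'
COMMUNITY_RE = re.compile(r"^snmp-server community (\S+) (RO|RW)(?: (\S+))?", re.M)
# 'snmp-server host <addr> version <1|2c|3> <community-or-user>'
HOST_RE = re.compile(r"^snmp-server host (\S+) version (\S+) (\S+)", re.M)
ACL_RE = re.compile(r"^access-list (\S+) ", re.M)

DEFAULT_COMMUNITIES = {"public", "private"}


def audit(config: str) -> list[str]:
    """Return one finding per risky SNMP setting; empty list means v3-only and ACL'd."""
    findings = []
    defined_acls = set(ACL_RE.findall(config))
    for name, mode, acl in COMMUNITY_RE.findall(config):
        if mode == "RW":
            findings.append(f"community {name}: RW (write) access granted")
        if name.lower() in DEFAULT_COMMUNITIES:
            findings.append(f"community {name}: default community string")
        if not acl:
            findings.append(f"community {name}: no ACL, reachable from any source")
        elif acl not in defined_acls:
            findings.append(f"community {name}: references undefined ACL {acl}")
    for host, version, cred in HOST_RE.findall(config):
        if version in ("1", "2c"):
            findings.append(f"trap host {host}: v{version} sends community '{cred}' in cleartext")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE_CONFIG):
        print("FINDING:", line)
```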
I’ve worked in all of those too.
As a PMP and CISSP.
The only large companies, or government agencies I’ve seen not using such functionality, when available, are those that can’t figure out how to get it properly configured, or whose legacy systems are not compatible.
And those who have smart senior engineers. Which is rare nowadays.
IT mgmt believes in the myth of a single pane of glass. They believe it will allow them to reduce staff significantly.
And the stupid runs deep and wide in government networks which do not have an air gap.
Most orgs don’t have the brain trust required to implement and maintain a proper PKI and managed identity platform, both of which are critical to secure communications in C&C infrastructure. I’m a CISSP and have been involved with PKI implementation and management for 10 years. It’s the Achilles heel of many orgs.
I can tell you that the government severely overworks the sysadmins and security people that are responsible for government infrastructure, so much so that it’s easy to get spies in the door with poorly configured infrastructure where a premium is placed on speed of deployment. Bonuses too. The government won’t pay a premium for good people either. Another problem.
Critical to make them secure, but not essential to make them work.
There ought to be a law.
Organizations with a competent “brain trust” are rare. And where they exist, you see multiple specialized platforms for configuration control. And multiple other platforms for monitoring, alerting and ticketing.
Of course, scale matters.
And that’s why we’re in business...well, except for me. I’m recently retired.
It all comes down to competent IT Management, which is more rare than a competent engineering staff. And quickly becoming extinct.
I’ve got 20 years or so left. I’m constantly talking to anyone who’ll listen about how security “professionals” are more focused on products than practices. We need a groundswell of support that just isn’t there. Security is tough, unforgiving work. You have to be right more than the bad guys and they’re changing strategies daily.
“Security is tough, unforgiving work.”
You spend MOST of your time at loggerheads with those who hired you to help them. Trying to talk sense into them.
They don’t care about the rare, devastating total breach. They think it’ll never happen. And you’re just trying to run up the bill with gibberish.
It’s the damnedest thing.
Well, the devastating total breach happened. And we can’t even take solace in it, or say I told you so.
This one is the hack of the century.
Well that used to be the case.
“I can tell you that the government severely overworks the sysadmins and security people that are responsible for government infrastructure”
And they always have. Especially the good ones.
Same with private enterprise.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.