Posted on 12/13/2020 1:28:37 PM PST by bitt
Hackers backed by a foreign government have been monitoring internal email traffic at the U.S. Treasury Department and an agency that decides internet and telecommunications policy, according to people familiar with the matter.
“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation," said NSC spokesman John Ullyot.
There is concern within the U.S. intelligence community that the hackers who targeted the Treasury Department and the Commerce Department’s National Telecommunications and Information Administration used a similar tool to break into other government agencies, according to three people briefed on the matter. The people did not say which other agencies.
The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter.
The hack involves the NTIA’s office software, Microsoft’s Office 365. Staff emails at the agency were monitored by the hackers for months, sources said.
A Microsoft spokesperson did not immediately respond to a request for comment.
The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.
“This is a nation state,” said a different person briefed on the matter. “We just don’t know which one yet.”
The full scope of the hack is unclear. The investigation is still its early stages and involves a range of federal agencies, including the FBI, according to the three people familiar with the matter.
The FBI, Homeland Security Department’s cybersecurity division, known as CISA, and U.S. National Security Agency did not immediately respond to a request for comment.
the Fox link says 404 page now, but it is apparently the Reuters report.
wanted to check if the obvious line of “coming one day after the revelations of Chinese spies” blah blah was included but, of course, it wasn’t.
but I am seeing the following in some reports -
“U.S. Treasury is ‘breached by Kremlin hackers who monitored staff emails for months’”
not interested to check who is being quoted.
Actually, it might not be China, but instead, someone connected to China. The latter might want the Trump administration to accuse China to get him to implode and be discredited.
2M members of CCCP get released and then the USTC gets hacked. Nothing to see here.... move along. It is just a koinkydink
BTW welcome to FR!
Sorry wrong thread.
But it’s impossible to hack Dominion voting machines?
Probably a cyber hacking networks of Norks, Chicoms, Iranians, and Russians.
Where have I heard that name before?
The cyber spies are believed to have gotten in by surreptitiously tampering with updates released by IT company SolarWinds,... by hiding malicious code in the body of legitimate software updates provided to targets by third parties...the diversity of SolarWind’s customer base has sparked concern within the U.S. intelligence community that other government agencies may be at risk
The breach presents a major challenge to the incoming administration of President-elect Joe Biden as officials investigate what information was stolen and try to ascertain what it will be used for. It is not uncommon for large scale cyber investigations to take months or years to complete.
Hackers broke into the NTIA’s office software, Microsoft’s Office 365. Staff emails at the agency were monitored by the hackers for months, sources said...The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press. - https://uk.reuters.com/article/uk-usa-cyber-amazon-com-exclusive/exclusive-us-treasury-breached-by-hackers-backed-by-foreign-government-sources-idUKKBN28N0PI
Besides the irony of using an anonymous source to report on anonymous hackers, this seems very serious but few here seem to take notice.
Tech Ping
“hiding malicious code in the body of legitimate software updates”
Think about all the internet-of-things out there that update automatically. People need to make a plan for how they will get along without a functioning internet or phone network.
By phone network, do you mean cell phones? Sounds like we might get "dialed" back to the 70s. Just skip the disco and the crappy cars.
“By phone network, do you mean cell phones?”
Anything that has software and is connected to the internet is vulnerable.
That always begs the question why everything is connected to the Internet. I think some things would be just fine on an isolated network.
“I think some things would be just fine on an isolated network.”
So do I. These wifi outlets and switches all work by logging into a central server, somewhere probably in China. You have to log in with your app and tell the server to tell your outlet to turn on or off. I do not like that arrangement. Fortunately, it is possible to reprogram many of these devices to just connect to your wifi and put up a simple web page with an on/off button that you can control with a web browser. You give up the ability to control the lights from Timbuktu, but I am fine with that.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.