Free Republic

Russian Spies Reportedly Used SolarWinds Hack to Steal US Counterintelligence Details
The Register ^ | Thu 7 Oct 2021 | Gareth Corfield

Posted on 10/09/2021 11:24:26 PM PDT by nickcarraway

Jackpot moment for SVR operatives

Russia's SVR spy agency made off with information about US counterintelligence investigations in the wake of the SolarWinds hack, according to people familiar with the American government cleanup operation.

The alarming snippet was reported by financial newswire Reuters. The SVR was named and shamed in April by Britain and the US as the organisation that compromised the build systems of SolarWinds' network monitoring software Orion, used by 18,000 customers across the world. Those customers included the UK and US governments, among many, many others.

The attack is said to have led to the Russian foreign intelligence service making off with "information about counterintelligence investigations, policy on sanctioning Russian individuals and the country's response to COVID-19," according to people involved in the US government's investigation who spoke to Reuters.

It was also reported that the SVR stole software signing certificates so their software could be run on them.

The attackers compromised SolarWinds' build servers, inserting a backdoor into the next version of the software that was distributed through trusted channels as part of a scheduled, routine update. They spent months covering their tracks and lying low to see if they'd been detected; it took even US infosec behemoth FireEye months to realise what had happened on its own networks.

Russia attempted to deny involvement in the compromise of SolarWinds' Orion network management 'n' monitoring product, though there was little room for doubt in the emphatic statements issued by the UK and US in April – along with their expulsion of known Russian spies from their territories as a mark of disapproval.

Orion's compromise was first noticed by FireEye, which said it detected the Russian intrusion in early December last year.

Investigations revealed that Orion had been used as a foothold into thousands of organisations including the US Treasury and Department of Commerce. The software was also widely used in the British public sector, though official sources speaking off the record insisted that the Orion compromise had minimal effect on the UK.

The idea that Defence Equipment and Support just wasn't of interest to a foreign intelligence agency seems too farfetched to be true.

SolarWinds' chief exec, who took the post three days before the breach became public knowledge, declared that the 18,000 organisations affected by the backdoored software was a "very small number".

The firm is currently trying to stave off a lawsuit from aggrieved shareholders who claim they were misled about SolarWinds' security posture, notwithstanding that they were attacked by a hostile state actor which went to extraordinary lengths to cover its tracks.

A not-very-subtle campaign to blunt the SVR's ongoing exploitation attempts post-SolarWinds was mounted by Britain's National Cyber Security Centre, which spent a gleeful couple of summer months telling world+dog exactly what the SVR did next after having the SolarWinds breach attributed to it. ®


TOPICS: Crime/Corruption; Foreign Affairs; News/Current Events; Russia
KEYWORDS: 202012; espionage; hacking; nato; putinsbuttboys; russia; russianspies; solarwinds; svr

1 posted on 10/09/2021 11:24:26 PM PDT by nickcarraway

To: nickcarraway

Haveta keep up the narrative that oceania is the bad guys.

Never hear about the Chinese hackers...

Or the North Korean hackers...

(And they’re out there)

Nope - just the russkies.


2 posted on 10/09/2021 11:30:48 PM PDT by Skywise

To: Skywise

Are you kidding? I’ve read many articles about Chinese and North Korean hackers. There was an incident a few years ago where they were hacking into the U.S. government.


3 posted on 10/09/2021 11:32:46 PM PDT by nickcarraway

To: nickcarraway

This should surprise no-one.....technology has opened countries and homes and pretty much anywhere hackers want to get in. Heck school kids with no responsibilities at all spend hours learning how to hack.


4 posted on 10/10/2021 12:51:01 AM PDT by caww ( )

To: nickcarraway

Probably was not the SVR, but the GRU which has more times deployed agents and has a specific directorate whose job is SIGINT - as far as I can learn the SVR has no SIGINT specific mission.


5 posted on 10/10/2021 4:02:01 AM PDT by PIF (They came for me and mine ... now its your turn)

To: Skywise
Only Russians can hack. /sarc
6 posted on 10/10/2021 4:20:27 AM PDT by McGruff

To: nickcarraway

Can anyone name a single success the CIA has had in the last twenty years?


7 posted on 10/10/2021 5:06:42 AM PDT by Bookshelf

To: Bookshelf

Can anyone name a single success the CIA has had in the last twenty years?

Yes. They helped make up the Russian collusion story against Trump! Further, I have little doubt their fingers had a lot to do with the 2020 election. So, the CIA is very effective. The problem is that it’s not effective at what it’s supposed to be doing.


8 posted on 10/10/2021 5:48:07 AM PDT by Pete Dovgan

To: Bookshelf
Can anyone name a single success the CIA has had in the last twenty years?

If we had heard about it, would it really have been a success?

9 posted on 10/10/2021 7:59:02 AM PDT by Moltke (Reasoning with a liberal is like watering a rock in the hope to grow a building.)
