Connect with us

World

Report says Russian hackers haven’t eased spying efforts

The elite Russian state hackers behind last year’s massive SolarWinds cyberespionage campaign hardly eased up this year, managing plenty of infiltrations of US and allied government agencies and foreign policy think tanks with consummate craft and stealth, a leading cybersecurity firm reported Monday.

On the anniversary of the public disclosure of the SolarWinds intrusions, Mandiant said the hackers associated with Russia’s SVR foreign intelligence agency continued to steal data “relevant to Russian interests” with great effect using novel, stealthy techniques that it detailed in a mostly technical report aimed at helping security professionals stay alert.

For the latest headlines, follow our Google News channel online or via the app.

It was Mandiant, not the US government, that disclosed SolarWinds.

While the number of government agencies and companies hacked by the SVR was smaller this year than last, when some 100 organizations were breached, assessing the damage is difficult, said Charles Carmakal, Mandiant’s chief technical officer. Overall, the impact is quite serious. “The companies that are getting hacked, they are also losing information.”

“Not everybody is disclosing the incident(s) because they don’t always have to disclose it legally,” he said, complicating damage-assessment.

The Russian cyber spying unfolded, as always, mostly in the shadows as the US government was consumed in 2021 by a separate, eminently “noisy” and headline-grabbling cyber threat — ransomware attacks launched not by nation-state hackers but rather criminal gangs. As it happens, those gangs are largely protected by the Kremlin.

The Mandiant findings follow an October report from Microsoft that the hackers, whose umbrella group it calls Nobelium, continue to infiltrate the government agencies, foreign policy think tanks and other organizations focused on Russian affairs through the cloud service companies and so-called managed services providers on which they increasingly rely. Mandiant tips its hat to Microsoft’s threat researchers in the report.

Mandiant researchers said the Russian hackers “continue to innovate and identify new techniques and tradecraft” that lets them linger in victim networks, hinder detection and confuse attempts to attribute hacks to them. In short, Russia’s most elite state-backed hackers are as crafty and adaptable as ever.

Mandiant did not identify individual victims or describe what specific information may have been stolen but did say unspecified “diplomatic entities” that received malicious phishing emails were among the targets.

Often, the researchers say, the hackers’ path of least resistance to their targets were cloud-computing services. From there, they used stolen credentials to infiltrate networks. The report describes how in one case they gained access to one victim’s Microsoft 365 system through a stolen session. And, the report says, the hackers routinely relied on advanced tradecraft to cover their tracks.

One clever technique discussed in the report illustrates the ongoing cat-and-mouse game that digital espionage entails. Hackers set up intrusion beachheads using IP addresses, a numeric designation that identifies its location on the internet, that were physically located near an account they are trying to breach — in the same address block, say, as the person’s local internet provider. That makes it highly difficult for security software to detect a hacker using stolen credentials posing as someone trying to access their work account remotely.

The SolarWinds hack exploited vulnerabilities in the software supply-chain system and went undetected for most of 2020 despite compromises at a broad swath of federal agencies — including the Justice Department — and dozens of companies, primarily telecommunications and information technology providers and including Mandiant and Microsoft.

The hacking campaign is named SolarWinds after the US software company whose product was exploited in the first-stage infection of that effort. The Biden administration imposed sanctions last April in response to the hack, including against six Russian companies that support the country’s cyber efforts.

Read more: Attorney for Hillary Clinton campaign indicted in US Trump-Russia probe

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

World

US: Bodies of two of three missing kids found in Minnesota lake

The bodies of two young children have been recovered from a Minnesota lake, and searchers are still looking for a third they fear may have been intentionally drowned.

Meanwhile, the father of the children died at a different location hours earlier, and their mother is missing. Names have not been released.

For the latest headlines, follow our Google News channel online or via the app.

The chain of events began Friday morning when the father was found dead at a mobile home park in the town of Maplewood, near Minneapolis. Police determined that the woman had left with the children, and a search began.

Maplewood Police Lt. Joe Steiner said the woman’s car was found near Vadnais Lake around 4 p.m. Friday. The shoes of the children were found on the shore.

A search of the lake found one child’s body Friday evening. A second body was found overnight. Searchers from several organizations were busy Saturday looking for the third, as well as the mother.

Authorities believe all three children were under the age of 5.

“There’s nothing more tragic than the loss of young children,” Ramsey County Sheriff Bob Fletcher said at a news conference on Friday. He called the deaths a “likely triple homicide.”

Read more:

Foreign firefighters arrive in Greece for summer wildfire season

Four tied bodies found in intentionally burned-out helicopter in Mexico

Astronaut study reveals effects of space travel on human bones

Continue Reading

World

Foreign firefighters arrive in Greece for summer wildfire season

Several dozen Romanian and Bulgarian firefighters took up their posts in Greece on Saturday, the first members of a European force being deployed to the country to provide backup in case of major wildfires during the summer.

More than 200 firefighters and equipment from Bulgaria, France, Germany, Romania, Norway and Finland will be on standby during the hottest months of July and August in Greece, where a spate of wildfires caused devastation last summer.

For all the latest headlines follow our Google News channel online or via the app.

A group of 28 Romanian firefighters with eight vehicles, and 16 firefighters from Bulgaria with four vehicles, were the first to arrive for the two-month mission, financed and coordinated under the European Union’s civil protection mechanism.

“We thank you very much for coming to help us during a difficult summer for our country, and for proving that European solidarity is not just theoretical, it’s real,” Greek Civil Protection Minister Christos Stylianides said on Saturday as he welcomed the members of the Romanian mission in Athens.

“When things get tough, you will be side by side with our Greek firefighters so we can save lives and property.”

The Bulgarian firefighters have been stationed in Larissa, in central Greece.

Last summer’s wildfires ravaged about 300,000 acres (121,000 hectares) of forest and bushland in different parts of Greece as the country experienced its worst heatwave in 30 years.

Following sharp criticism of its response to the fires, the Greek government set up a new civil protection ministry and promised to boost firefighting capacities.

In Greece’s worst wildfire disaster, 102 people were killed when a blaze tore through the seaside town of Mati and nearby areas close to Athens during the summer of 2018.

Read more:

Iranian-flagged tanker in Greece tugged to Piraeus port

Erdogan says no meeting until Greek PM ‘pulls himself together’: Report

Greece formalizes request for US-made F-35 fighter jets: PM Mitsotakis

Continue Reading

World

One killed, six injured in shootout between migrant groups in Serbia

One migrant was killed and at least six others, including a teenage girl, were injured Saturday in a shootout between migrant groups in Serbia near the Hungarian border, the state-run RTS television reported.

The 16-year-old girl sustained life threatening injuries in the incident that occurred in a forest in the outskirts of Subotica, some 160 kilometers (100 miles) north of Belgrade, where the injured were hospitalized, RTS reported.

For all the latest headlines follow our Google News channel online or via the app.

Police, who made no immediate comment, blocked access to the forest where the incident took place, only around a kilometer from the Hungarian border.

Interior Minister Aleksandar Vulin rushed to the scene.

The injured, aged between 20 and 30, have no documents, Subotica mayor Stevan Bakic told local media.

It is not known what triggered the incident, he added.

Local media reported that the shootout occurred between Afghan and Pakistani migrants most likely over human trafficking from the area to European Union member Hungary.

Serbia lies on the so-called Balkans route used by migrants heading towards Western Europe as they flee war and poverty in the Middle East, Asia and Africa.

Although the route is nowhere as busy as it was during Europe’s migrant crisis in 2015, tens of thousands of illegal migrants still cross the region annually.

Read more:

Three countries ban Russia’s Lavrov flight to Serbia, visit cancelled: Interfax

Kosovo cafe bans Europeans over visa ‘humiliation’

Continue Reading

Trending