Connect with us

World

Report says Russian hackers haven’t eased spying efforts

The elite Russian state hackers behind last year’s massive SolarWinds cyberespionage campaign hardly eased up this year, managing plenty of infiltrations of US and allied government agencies and foreign policy think tanks with consummate craft and stealth, a leading cybersecurity firm reported Monday.

On the anniversary of the public disclosure of the SolarWinds intrusions, Mandiant said the hackers associated with Russia’s SVR foreign intelligence agency continued to steal data “relevant to Russian interests” with great effect using novel, stealthy techniques that it detailed in a mostly technical report aimed at helping security professionals stay alert.

For the latest headlines, follow our Google News channel online or via the app.

It was Mandiant, not the US government, that disclosed SolarWinds.

While the number of government agencies and companies hacked by the SVR was smaller this year than last, when some 100 organizations were breached, assessing the damage is difficult, said Charles Carmakal, Mandiant’s chief technical officer. Overall, the impact is quite serious. “The companies that are getting hacked, they are also losing information.”

“Not everybody is disclosing the incident(s) because they don’t always have to disclose it legally,” he said, complicating damage-assessment.

The Russian cyber spying unfolded, as always, mostly in the shadows as the US government was consumed in 2021 by a separate, eminently “noisy” and headline-grabbling cyber threat — ransomware attacks launched not by nation-state hackers but rather criminal gangs. As it happens, those gangs are largely protected by the Kremlin.

The Mandiant findings follow an October report from Microsoft that the hackers, whose umbrella group it calls Nobelium, continue to infiltrate the government agencies, foreign policy think tanks and other organizations focused on Russian affairs through the cloud service companies and so-called managed services providers on which they increasingly rely. Mandiant tips its hat to Microsoft’s threat researchers in the report.

Mandiant researchers said the Russian hackers “continue to innovate and identify new techniques and tradecraft” that lets them linger in victim networks, hinder detection and confuse attempts to attribute hacks to them. In short, Russia’s most elite state-backed hackers are as crafty and adaptable as ever.

Mandiant did not identify individual victims or describe what specific information may have been stolen but did say unspecified “diplomatic entities” that received malicious phishing emails were among the targets.

Often, the researchers say, the hackers’ path of least resistance to their targets were cloud-computing services. From there, they used stolen credentials to infiltrate networks. The report describes how in one case they gained access to one victim’s Microsoft 365 system through a stolen session. And, the report says, the hackers routinely relied on advanced tradecraft to cover their tracks.

One clever technique discussed in the report illustrates the ongoing cat-and-mouse game that digital espionage entails. Hackers set up intrusion beachheads using IP addresses, a numeric designation that identifies its location on the internet, that were physically located near an account they are trying to breach — in the same address block, say, as the person’s local internet provider. That makes it highly difficult for security software to detect a hacker using stolen credentials posing as someone trying to access their work account remotely.

The SolarWinds hack exploited vulnerabilities in the software supply-chain system and went undetected for most of 2020 despite compromises at a broad swath of federal agencies — including the Justice Department — and dozens of companies, primarily telecommunications and information technology providers and including Mandiant and Microsoft.

The hacking campaign is named SolarWinds after the US software company whose product was exploited in the first-stage infection of that effort. The Biden administration imposed sanctions last April in response to the hack, including against six Russian companies that support the country’s cyber efforts.

Read more: Attorney for Hillary Clinton campaign indicted in US Trump-Russia probe

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

World

Russia targets Kyiv with largest drone attack on Ukrainian capital ahead of Kyiv Day


Russia unleashed waves of air strikes on Kyiv overnight in what officials said appeared to be the largest drone attack on the city since the start of the war, as the Ukrainian capital prepared to celebrate the anniversary of its founding on Sunday.
Ukraine’s Air Force said it downed 52 out of the 54 Russia-launched drones, calling it a record attack with the Iranian-made ‘kamikaze’ drones. It was not immediately clear how many of the drones were shot over Kyiv.
For the latest headlines, follow our Google News channel online or via the app.
In what also appears to be the first deadly attack on Kyiv in May and the 14th assault this month, falling debris killed a 41-year-old man, Mayor Vitali Klitschko said.
The pre-dawn attacks came on the last Sunday of May when the capital celebrates Kyiv Day, the anniversary of its official founding 1,541 years ago. The day is typically marked by street fairs, live concerts and special museum exhibitions – plans for which have been made this year too, but on a smaller scale.
“The history of Ukraine is a long-standing irritant for the insecure Russians,” Andriy Yermak, the head of President Volodymyr Zelenskyy’s office, said on his Telegram channel.
Air Force said on Telegram that Russia had targeted military and critical infrastructure facilities in the central regions of Ukraine, and the Kyiv region in particular.
Reuters was unable to independently verify the information.
With a Ukrainian counteroffensive looming 15 months into the war, Moscow has intensified air strikes after a lull of nearly two months, targeting chiefly military site and supplies. Waves of attacks now come several times a week.
The Sunday attacks came after Kyiv said that combat clashes eased around the besieged city of Bakhmut in southeastern Ukraine, the site of the war’s longest battle.
Serhiy Popko, the head of Kyiv’s military administration, said the attack was carried out in several waves, and air alerts lasted more than five hours.
“Today, the enemy decided to ‘congratulate’ the people of Kyiv on Kyiv Day with the help of their deadly UAVs [unmanned aerial vehicles],” Popko said on the Telegram messaging channel.
Several districts of Kyiv, by far the largest Ukrainian city with a population of around 3 million, suffered in the overnight attacks, officials said, including the historical Pecherskyi neighborhood.
Reuters witnesses said that during the air raid alerts that started soon after midnight, many people stood on their balconies, some screaming offensives directed at Russia’s President Vladimir Putin and “Glory to air defense” slogans.
In the leafy Holosiivskyi district in the southwestern part of Kyiv, falling debris set a three-story warehouse on fire, destroying about 1,000 square meters (10,800 square feet) of building structures, Mayor Klitschko said.
A fire broke out after falling drone debris hit a seven-story non-residential building in the Solomyanskyi district west of the city. The district is a busy rail and air transport hub.
In the Pecherskyi district, a fire broke out on the roof of a nine-story building due to falling drone debris, and in the Darnytskyi district a shop was damaged, Kyiv’s military administration officials said on Telegram.
Read more:

Iran says Ukraine president drone criticism aims to attract more arms, aid from West
Russia will not win Ukraine war, ‘bloody’ days ahead: Top US general
Ukraine secures release of 106 soldiers in prisoner exchange with Russia: Kyiv

Continue Reading

World

US President Biden, House Speaker McCarthy reach tentative debt ceiling deal


US President Joe Biden and top congressional Republican Kevin McCarthy reached a tentative deal to suspend the federal government’s $31.4 trillion debt ceiling on Saturday evening, ending a months-long stalemate.
However, the deal was announced without any celebration, in terms that reflected the bitter tenor of the negotiations and the difficult path it has to pass through Congress before the United States runs out of money to pay its debts in early June.
For the latest headlines, follow our Google News channel online or via the app.
“I just got off the phone with the president a bit ago. After he wasted time and refused to negotiate for months, we’ve come to an agreement in principle that is worthy of the American people,” McCarthy tweeted.
Biden called the deal “an important step forward” in a statement, saying: "The agreement represents a compromise, which means not everyone gets what they want. That’s the responsibility of governing.”
The deal would suspend the debt limit through January of 2025, while capping spending in the 2024 and 2025 budgets, claw back unused COVID-19 funds, speed up the permitting process for some energy projects and includes some extra work requirements for food aid programs for poor Americans.
After months of back-and-forth, the tentative agreement came together in a flurry of calls. Biden and McCarthy held a 90-minute phone call earlier on Saturday evening to discuss the deal, McCarthy briefed his members later in the evening, and the White House and the House leader spoke afterward.
“We still have more work to do tonight to finish the writing of it,” McCarthy told reporters on Capitol Hill. McCarthy said he expects to finish writing the bill on Sunday, then speak to Biden and have a vote on the deal on Wednesday.
Biden and McCarthy have to carefully thread the needle in finding a compromise that can clear the House, with a 222-213 Republican majority, and Senate, with a 51-49 Democratic majority — meaning it will need bipartisan support before the president can sign it.
Negotiators have agreed to cap non-defense discretionary spending at 2023 levels for one year and increase it by 1 percent in 2025, a source familiar with the deal said.
“It has historic reductions in spending, consequential reforms that will lift people out of poverty into the workforce, rein in government overreach – there are no new taxes, no new government programs,” McCarthy said.
The deal will avert an economically destabilizing default, so long as it succeeds in passing it through the narrowly divided Congress before the Treasury Department runs short of money to cover all its obligations, which it warned on Friday will occur if the debt ceiling issue was not resolved by June 5.
Republicans who control the House of Representatives have pushed for steep cuts to spending and other conditions, and were sharply critical of the deal as early details were reported.
Republican Representative Bob Good, a member of the conservative House Freedom Caucus, tweeted that he was hearing the deal would raise the debt by $4 trillion, and added “IF that is true, I don’t need to hear anything else. No one claiming to be a conservative could justify a YES vote.”
North Carolina’s Dan Bishop described the deal earlier Saturday as “utter capitulation in progress. By the side holding the cards.”
One high-ranking member of the House Freedom Caucus said they were in the process of gauging member sentiment, and unsure what the vote numbers might be.

Taxes vs spending cuts

Republicans say they want to cut spending to slow the growth of the US debt, which is now roughly equal to the annual output of the country’s economy. Biden and Democrats have pushed to increase taxes on the wealthy and companies to shrink the debt while increasing spending on programs like free community college.
The long standoff on raising the debt ceiling spooked financial markets, weighing on stocks and forcing the United States to pay record-high interest rates in some bond sales. A default would take a far heavier toll, economists say, likely pushing the nation into recession, shaking the world economy and leading to a spike in unemployment.
Biden for months refused to negotiate with McCarthy over future spending cuts, demanding that lawmakers first pass a “clean” debt-ceiling increase free of other conditions, and present a 2024 budget proposal to counter his budget issued in March.
Two-way negotiations between Biden and McCarthy began in earnest on May 16.
The work to raise the debt ceiling is far from done. McCarthy has vowed to give House members 72 hours to read the legislation before bringing it to the floor for a vote.
That will test whether enough moderate members support the compromises in the bill to overcome opposition from both hard-right Republicans and progressive Democrats to reach a simple majority vote.
Then it will need to pass the Senate, where it will need at least nine Republican votes to succeed. There are numerous opportunities in each chamber along the way to slow down the process.
Read more:
The US debt ceiling recurringly threatens world economic stability
White House calls debt negotiations with Republicans ‘productive’
US debt ceiling standoff ‘unnecessary’ for world economy: IMF head

Continue Reading

World

Voting starts in Turkey’s presidential election runoff


Voting starts in Turkey’s presidential election runoff, Reuters reports.
Developing

Continue Reading

Trending