Hackers penetrate sensitive “military” sectors.. in America


Suspected foreign hackers have infiltrated 9 organizations in the defense, energy, healthcare, technology and education sectors – at least one of which is located in United StateAccording to findings from security firm Palo Alto Networks,

With the help of the National Security Agency, cybersecurity researchers, CNN reported, exposed ongoing efforts by these anonymous hackers to steal key data from US defense contractors and other sensitive targets.

A division of the National Security Agency responsible for mitigating foreign cyber threats to the US defense industrial base also contributed analysis to the Palo Alto Networks report.

According to CNN, this is the type of electronic espionage that the security services in each of the two administrations of the current US president have sought Of the bygones And the former Donald Trump to expose it before it causes much damage.

Burn hacker tools

The purpose of releasing this information to the public is to warn other companies that may be targeted, as well as to burn hackers’ papers.

Officials from both the National Security Agency and the US Cyber ​​and Infrastructure Security Agency (CISA) track the threat.



Long term

“In this case, the hackers stole passwords from some of the targeted organizations in order to maintain long-term access to those networks,” Ryan Olson, a senior executive at Palo Alto Networks and vice president of Unit 42, told CNN.

Which could allow them later, according to the spokesman, to intercept sensitive data sent via e-mail or stored on computer systems until they are expelled from the network.

Olsen also pointed out that the nine confirmed victims are the “spearhead” in the apparent espionage campaign, expecting more victims to emerge.



Suspected Chinese hacking group

It is not clear who is responsible for this campaign, but Palo Alto Networks said that some of the attackers’ tactics and tools overlap with those used by a suspected Chinese hacking group, while the NSA and CISA declined to comment on the identity of the hackers.

Thanks to their national security secrets, US defense contractors are a frequent target of foreign hackers.

Cybersecurity firm Mandiant revealed earlier this year that hackers linked to China were exploiting a different software vulnerability to breach defense institutions, the financial and public sector in the United States and Europe.



“Really useful”

Olson said any company dealing with the Pentagon could have a range of data in their emails about defense contracts that might be of interest to foreign spies.

He also added: “In general, access to that information can be really useful,” adding: “Even if it is not confidential information, even if it is just information about how to do the work.”

In the campaign uncovered by Palo Alto Networks, attackers exploit a vulnerability in software companies use to manage their network passwords.

Exploit software flaw

Recall that in September CISA and the FBI warned that hackers were exploiting a software flaw and urged organizations to update their systems. Days later, hackers tracked by Palo Alto Networks scanned 370 computer servers running the program in the United States alone, and then began exploiting the program.

Olson also encouraged organizations using Zoho to update their systems and look for signs of intrusion.

Federal officials confirmed to CNN that the revelations of hacking activity is evidence that they are working closely with cybersecurity companies to stay on top of threats.

Source link


Please enter your comment!
Please enter your name here