U.S. Treasury targets computer attack
According to various information circulating on the subject, some US federal agencies have been targeted by a computer attack by a group of hackers believed to be affiliated with the Russian government.
This would be the group classified as APT29 Advanced Persistent Threats.
In response to this large-scale operation, the U.S. Treasury Department and several other government administrations had to ensure an emergency meeting of the National Security Council.
This article will also interest you: In the face of the wave of cyberattacks, U.S. senators are demanding a response from the government
It is also not the first time that Russian-affiliated cyber criminals have been accused of attacking the computer systems of US institutions. Already in 2016, they were accused of interfering in the US election. But this time, it's not just any situation that's been targeted. It's the U.S. Treasury. The pillars of the U.S. system.
The Russian cybercriminal group Cozy Bear, also known as APT 29, was reportedly directly involved, according to US media outlet The Washington Post. It is recalled that this is the same group that was accused for taking on the Democratic candidate, Donald Trump's opponent four years ago, Hillary Clinton.
For its part, the Russian government through its spokesman has not failed to strongly deny any Russian involvement in this cyberattack offensive. "It was Vladimir Putin who proposed to the American side to conclude a cybersecurity agreement," the Kremlin spokesman said, adding that "Washington did not respond to this offer."
To explain the context a little, it should be recalled that during last October, there had been the indictment of 6 agents involved in the Russian military intelligence services.
Regarding the massive offensive that has affected U.S. federal agencies, outside the Treasury Department, the Department of Commerce has also been targeted by hackers. According to the Reuters news agency, the cyberattack allowed hackers to monitor email exchanges at the two US agencies. This is between March and June 2020.
According to computer security experts, it is likely that the computer attack of these two U.S. agencies would be just the "tip of the iceberg". As a result, it is highly likely that other federal agencies could have been affected and whose names have not yet been revealed. The seriousness of this case is that it forced an emergency meeting of the National Security Council. "The U.S. government is aware of this information and we are taking all necessary steps to identify and address any potential problems related to this situation," said John Ullyot, spokesman for the NCS.
On the Commerce side, there have been confirmation of computer attacks suffered by its system. "We can confirm that there was a breach in one of our offices. We have asked the Cybersecurity and Infrastructure Security Agency (Cisa) and the FBI to investigate," said the U.S. Administration Department headed by Wilbur Ross.
On Monday, there was already talk of a campaign of computer attacks that targeted important sectors such as telecommunications, hydrocarbons and high technology. Hackers allegedly managed to infiltrate the servers of a computer solutions company, SolarWinds, known as the provider of several U.S. intelligence agencies and even the military. According to several observations, the computer attack that was not simplistic enough. There has been the use of very sophisticated processes. "Ultra-sophisticated, targeted and manually carried out on the support chain by a state," said SolarWind, which noted that "less than 18,000" of its customers may have been directly or indirectly affected by the cyberattack. As a result, the U.S. Department of Homeland Security automatically alerted all users of computer solutions affiliated with SolarWinds tools to disconnect.
The new U.S. president will have to deal with one of the hottest issues from his early term to taking office.
Last week, cybersecurity firm FireEye publicly announced that it had been hit by a computer attack. A computer attack that could have been sponsored by a state, given the sophistication of the operation.
Now access an unlimited number of passwords: