'..untold number of local government and private sector systems at "grave risk." .. Sen. Mitt Romney, R-Utah, Friday called President Donald Trump's lack of response "extraordinary" as the country faces the modern equivalent of "Russian bombers reportedly flying undetected over the entire country."
..
Once within a network, the code attacked Microsoft Office 365 products. Such an attack through Microsoft’s products “could have major consequences. Microsoft products are used globally, touching individual operating systems, video game services, cloud infrastructure, and more,” said Sivan Tehila, director of solution architecture at Perimeter 81, a cloud software security company also based in Tel Aviv, Israel.
..
Microsoft, which says its own networks were not breached, was able to find that its products were compromised “because they have world-class capabilities to discover these kinds of issues,” said Eric Noonan, CEO of CyberSheath, a Reston, Va.-based cybersecurity company. “But the reality is most breached organizations don’t have the capabilities or resources to investigate this and will find out they were hacked through third parties at a later time.”
..
This cyber attack "will likely rank as one of the worst (very possibly the worst ever) in the last decade given the targeted and cyber espionage nature of this attack," said Daniel Ives, an analyst with Wedbush Securities, in a note to investors Friday.''The first damage assessment of a sprawling cyber attack believed to be linked to Russia has been chilling enough.
With intrusions reported across a huge swath of the government – including at the Department of Energy's National Nuclear Security Administration – federal officials already are signaling that the worst may be yet to come.
The Department of Homeland Security's cyber security unit has acknowledged that the full scope of the attack is not yet known, with an untold number of local government and private sector systems at "grave risk."
..
Sen. Mitt Romney, R-Utah, Friday called President Donald Trump's lack of response "extraordinary" as the country faces the modern equivalent of "Russian bombers reportedly flying undetected over the entire country."
"They had the capacity to show that our defense is extraordinarily inadequate; that our cyber warfare readiness is extraordinarily weak," Romney said in an interview with Sirius XM, adding that the Kremlin acted with "impunity."
"And in this setting, not to have the White House aggressively speaking out and protesting and taking punitive action is really, really quite extraordinary," he added.
Michael Chertoff, a former Homeland Security secretary in the George W. Bush administration, said Friday that the breaches underscored the need for a "deterrent strategy during a time of cyber conflict."
..
Senate Intelligence Committee Vice Chairman Mark Warner, D-Va., characterized the hack Friday as "a devastating breach" that requires the president'sattention.
"An incident of this magnitude and lasting impact requires an engaged and public response by the U.S. government, led by a president who understands the significance of this intrusion and who is actively marshaling a domestic remediation strategy and an international response," Warner said. "It is extremely troubling that the president does not appear to be acknowledging, much less acting upon, the gravity of this situation.”
Yohannes Abraham, executive director of President-elect Joe Biden’s transition, repeated Biden’s Thursday warning that there would be consequences to those who attack the U.S. with malicious cyber operations.
..
The threat apparently came from the same cyberespionage campaign that has afflicted cybersecurity firm FireEye, foreign governments and major corporations.
The system is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies, which are now scrambling to patch their networks.
..
Once within a network, the code attacked Microsoft Office 365 products. Such an attack through Microsoft’s products “could have major consequences. Microsoft products are used globally, touching individual operating systems, video game services, cloud infrastructure, and more,” said Sivan Tehila, director of solution architecture at Perimeter 81, a cloud software security company also based in Tel Aviv, Israel.
..
Microsoft, which says its own networks were not breached, was able to find that its products were compromised “because they have world-class capabilities to discover these kinds of issues,” said Eric Noonan, CEO of CyberSheath, a Reston, Va.-based cybersecurity company. “But the reality is most breached organizations don’t have the capabilities or resources to investigate this and will find out they were hacked through third parties at a later time.”
Noonan compared the situation to “smelling smoke in your house and getting everyone out, compared to waking up to fire engines at three in the morning.”
This cyber attack "will likely rank as one of the worst (very possibly the worst ever) in the last decade given the targeted and cyber espionage nature of this attack," said Daniel Ives, an analyst with Wedbush Securities, in a note to investors Friday.'
-
Russian cyber attack against US: Worst may be yet to come, experts fear, as Trump remains mum, December 18, 2020
Context(SolarWinds hack) - 'Put simply, we need a more effective national and global strategy to protect against cyberattacks.'(SolarWinds hack - Digital Pearl Harbor - Cyberwarfare) - '..the SolarWinds Orion software vulnerability disclosed earlier this week is not the only way hackers compromised a variety of online networks..'(SolarWinds hack - Digital Pearl Harbor - Cyberwarfare) - Nuclear weapons agency breached amid massive cyber onslaught