HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » General Discussion (Forum) » America spent millions on...

Tue Feb 2, 2021, 02:16 PM

America spent millions on a cybersecurity system that wasn't implemented -- and might have stopped t

Pro Publica on Raw Story
February 02, 2021

As America struggles to assess the damage from the devastating SolarWinds cyberattack discovered in December, ProPublica has learned of a promising defense that could shore up the vulnerability the hackers exploited: a system the federal government funded but has never required its vendors to use.

The massive breach, which U.S. intelligence agencies say was “likely Russian in origin," penetrated the computer systems of critical federal agencies, including the Department of Homeland Security, the Treasury Department, the National Institutes of Health and the Department of Justice, as well as a number of Fortune 500 corporations. The hackers remained undetected, free to forage, for months.

The hackers infiltrated the systems by inserting malware into routine software updates that SolarWinds sent to customers to install on its products, which are used to monitor internal computer networks. Software updates customarily add new features, remove bugs and boost security. But in this instance, the hackers commandeered the process by slipping in malicious code, creating secret portals called “back doors" that granted them access to an untold bounty of government and company secrets.

The incursion became the latest — and, it appears, by far the worst — in a string of hacks targeting the software supply chain. Cybersecurity experts have voiced concern for years that existing defenses, which focus on attacks against individual end users, fail to spot malware planted in downloads from trusted software suppliers. Such attacks are especially worrisome because of their ability to rapidly distribute malicious computer code to tens of thousands of unwitting customers.

https://www.rawstory.com/solarwinds-2650257209/

2 replies, 567 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 2 replies Author Time Post
Reply America spent millions on a cybersecurity system that wasn't implemented -- and might have stopped t (Original post)
Wicked Blue Feb 2021 OP
samsingh Feb 2021 #1
Wicked Blue Feb 2021 #2

Response to Wicked Blue (Original post)

Tue Feb 2, 2021, 02:18 PM

1. i think the repug plan was to allow the cyber attacks.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to samsingh (Reply #1)

Tue Feb 2, 2021, 02:27 PM

2. I agree with you nt

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread