By Thomas Moore
According to experts, cyber-attacks involving nation-states continue to increase. In a previous blog post, the LEO team pointed out that the global pandemic has distracted attention and made institutions more vulnerable to these large-scale operations.
This week, LEO has been monitoring the fast-moving story of a popular IT management software hack that impacted the U.S. Treasury and Commerce departments. Initial accounts cite that email correspondence was compromised by foreign entities, with initial suspicions of Russian involvement. The story has now evolved to include more than 18,000 U.S.-based organizations, including Fortune 500 companies and government entities.
But there is more concern that the tentacles of the incident run far deeper. This occurrence was so significant that the National Security Council was reportedly convened. In addition, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive for federal agencies to disconnect from the infected management platform.
Preliminary analysis revealed that the infiltration was initiated during software updates. There is also an indication that this is associated with a more widespread nefarious campaign against a major security software provider for the feds.
This news is no small matter. The fact that state-sponsored actors targeted and successfully accessed secure data from federal institutions and such a broad swath of influential companies indicates the sophisticated nature of the attacks and confirms a sobering reality for security professionals. Quite simply, if these systems can be successfully compromised, it is reasonable to assume the tools leveraged by the bad actors will disseminate among the hacker community to be used on a broader basis, à la the Shadow Brokers leak.
Our experts are familiar with attacks such as these and share this knowledge with our customer base to ensure they are as prepared as possible. We recommend maintaining diligence and partnering with seasoned professionals who understand the threat landscape and have the ability to institute sound cyber programs to combat emerging threats that have the potential to proliferate.
LEO Cyber Security lives and breathes CaaS, and we can make it even more user-friendly. To learn more, feel free to contact us. We’re here to help.