US Cyber attack

Nov 27, 2022

The US Department of Energy states that it has been struck by the Sunburst hack

In what is described as the worst-ever hack on the US government, the US energy department is the latest agency to confirm it has been breached.

The department is responsible for the management of U.S. nuclear weapons but said the security of the arsenal was not compromised.

On 17th December, tech giant Microsoft also said it had found malicious software in its systems.

Many suspect that the Russian government is responsible. It has denied any involvement.

Among the other targets of the sophisticated, months-long hack, which was first confirmed by officials on 13th December, are the US Treasury and Commerce departments.

Who were impacted, and how bad is that?

The scale of the hack is potentially global, and potentially catastrophic for companies, because the compromised software touches several areas of a business.

SolarWinds, of Austin, Texas, provides hundreds of thousands of organizations around the world, including several Fortune 500 corporations and government agencies in North America, Europe, Asia and the Middle East, with network control and other technological services.

Its compromised product, Orion, accounts for almost half of the annual sales of SolarWinds (this year the company has taken in more than $750m). Orion's centralized control searches for issues in a company's computer networks, which means that breaking in gave the attackers a “God view” of those networks.

SolarWinds said it sent an alert to around 33,000 of its Orion customers who may have been impacted, although it reported that the compromised product update had been installed earlier this year by a smaller number of customers, fewer than 18,000.

Neither SolarWinds nor the United States cybersecurity authorities have publicly reported which organizations have been breached. Just because a corporation or organization uses SolarWinds as a supplier does not necessarily mean that it was vulnerable to the hack.

Who’s behind the hack?

SolarWinds said it was told that its networks were compromised with malware by an “outside nation-state”. Neither the US government nor the businesses impacted have publicly declared which nation-state they believe is accountable.

On December 14th, an American official, speaking on condition of anonymity due to an ongoing investigation, told the Associated Press that Russian hackers were suspected. Russia said it had “nothing to do” with the hacking.

The infiltration tactic involved, referred to as the “supply-chain” method, recalled the technique Russian military hackers used in 2016 to infect businesses in Ukraine with the hard-drive-wiping NotPetya virus, the most destructive cyber-attack to date.

What’s next?

Moving forward, the EINSTEIN system of the Department of Homeland Security, which is designed to prevent intrusions and track malicious traffic on federal computer networks, is likely to be subject to increased scrutiny.

According to a former senior DHS official, the framework is focused on detecting known malicious activity and performs well if it knows what it’s looking for.

“If you don’t know what you’re looking for, it’s a problem”, the official said, adding that it is likely to raise questions among lawmakers who have allocated billions of dollars to the program. The incoming Biden administration, the former official said, would need to take a “hard look at Einstein”.

The Government Accountability Office, which acts as the watchdog for Congress, concluded in 2018 that, despite some changes, there were still drawbacks to the structure that handles EINSTEIN.

It is unclear, however, whether the existing systems in place would have caught the new hack.

“Even if everything was highly effective in the government’s cybersecurity, it’s quite likely this breach wouldn’t have been caught.” An objective review has not been performed by GAO yet.

“Agencies are going to have to continue to do more to build all the pieces of the puzzle, so if they do get hacked — how do they figure out what happened and clean up afterwards in the event they can’t catch something.”

D’Souza said agencies lack skills in “logging”: the ability to go back and look at a network and find out what happened in the aftermath of a breach.

