Some of Our Sources
- BoingBoing
- Joshua Blankenship
- Six Revisions
- TutsPlus - Design
- You The Designer
- Creative Curio
- Reencoded
- Specky Boy
- Android Dissected
- Dev To
Help Webnuz
Referal links:
December 26, 2020 05:34 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/PiZOxJsB7mM/unforced-error-in-suspected-russian-data-breach-may-have-led-to-its-discovery
'Unforced Error' in Suspected Russian Data Breach May Have Led to Its Discovery
CNN reports:US officials and private sector experts investigating the massive data breach that has rocked Washington increasingly believe the attackers were ultimately discovered because they took a more aggressive "calculated risk" that led to a possible "unforced error" as they tried to expand their access within the network they had penetrated months earlier without detection, according to a US official and two sources familiar with the situation... FireEye was tipped off to the hackers' presence when they attempt to move laterally within the firm's network, according to the sources, a move that suggested the hackers were targeting sensitive data beyond emails addresses or business records. Whether that exposure was the result of a mistake by the attackers or because they took a calculated risk remains unclear, the sources said. "At some point, you have to risk some level of exposure when you're going laterally to get after the things that you really want to get. And you're going to take calculated risks as an attacker," one source familiar with the investigation said... Now, the hackers are attempting to salvage what access they can as the US government and private sector are "burning it all down," sources said, referring to their complete overhaul of networks, which will force the attackers to find new ways of getting the information they seek. Meanwhile, US officials continue to grapple with the fallout and assess just how successful the operation was, the US official said, noting that it is clear the nation-state responsible invested significant time and resources into the effort. While the scope of the hacking campaign remains unclear, government agencies that have disclosed they were impacted have said there is no evidence to date that classified data was compromised. But the way the hackers were discovered suggests the operation was intended to steal sensitive information beyond what was available on unclassified networks and sought to establish long-standing access to various targeted networks, the sources said. The fact that FireEye — not the federal government — discovered the breach has also raised questions about why the attack went undetected at US government agencies. The article also notes FireEye's acknowledgement that the breach "occurred when the hackers, who already had an employee's credentials, used those to register their own device to FireEye's multi-factor authentication system so they could receive the employee's unique access codes."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/PiZOxJsB7mM/unforced-error-in-suspected-russian-data-breach-may-have-led-to-its-discovery
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot