Special envoy to Moscow
This is not the first time, far from it, that Russian hackers have attacked United States institutions - they even managed to parasitize the 2016 presidential election. But this time, it is a pillar of the system. American Treasury, which has been targeted among others, presumably by APT29, aka Cozy Bear, according to the
Washington Post.
It is this same group, affiliated with the Russian government, which was allegedly behind the attacks on Democratic candidate Hillary Clinton four years ago.
»Our report -
The most incredible cyberattacks in history
Unsurprisingly, Kremlin spokesman Dmitry Peskov has dismissed all responsibility for the large-scale cyberattack that came to light last weekend.
"It was Vladimir Poutine who proposed to the American side to conclude an agreement on cybersecurity",
argued Peskov, adding that
"Washington had not responded to this offer".
6 Russian military intelligence agents were indicted last October in the United States for global cyberattacks.
Besides the Treasury Department, the Commerce Department has also been in the crosshairs of hackers;
who, according to Reuters, were able to monitor the exchanges of emails within these two administrations, and this between March and June.
Clearly, a massive and very sophisticated targeted offensive.
And still this would only be the
"tip of the iceberg",
according to American specialists, other federal agencies whose name has not been revealed having been affected, causing "leaks" potentially very valuable information for Russia.
The case was in any case considered to be so serious that it provoked the urgent meeting on Saturday morning of a National Security Council (NCS).
"The United States government is aware of this information and we are taking all necessary measures to identify and remedy any possible problem related to this situation,"
admitted John Ullyot, spokesperson for the NCS.
Read also:
The crisis widens the scope of cyber attacks against businesses
The Commerce Department also confirmed these security incidents.
“We can confirm that there has been a breach in one of our offices.
We asked the Cybersecurity and Infrastructure Security Agency (Cisa) and the FBI to investigate, ”
detailed the ministry headed by Wilbur Ross.
In Washington, Monday was evoked a vast campaign of "
global espionage
", affecting the sectors of high technology, telecommunications and hydrocarbons.
The hackers would have entered the servers of their targets via the Texan computer company SolarWinds, which mainly serves the American army and the intelligence services.
Typically, malware (computer virus) is placed in healthy software that serves as a vector to penetrate and infect adversary systems.
But in this case, it is an
"ultra-sophisticated attack, targeted and carried out manually on the chain of support by a State",
indicated the company SolarWind, which specified that
"less than 18,000"
of its customers could to have been affected by the attack.
The Department of National Security has issued an alert asking all users in IT contact with SolarWinds to log out.
One of Joe Biden's priority files
When he arrives at the White House, Joe Biden will have, among his priority files, that of cyber warfare, which continues to grow.
As late as last Tuesday, it was the American computer security company FireEye, itself usually called to the rescue by its customers during cyberattacks, which admitted to having been the object of a highly complex hack, which it also suspects a State to be at the origin.
We do not conduct offensive operations on the internet.
Russian embassy
Even though the attribution of these cyber attacks remains a major problem, the shadow of Russia looms behind many high-profile IT events targeting critical infrastructures in different parts of the world.
Last October, in the United States, six agents of the Russian military intelligence, the GRU, were thus indicted for cyberattacks of global scale.
They
"are accused of carrying out the most destructive and disruptive series of computer attacks ever attributed to a single group,"
according to US Deputy Justice Minister John Demers.
The list of their misdeeds, between 2015 and 2019, is edifying and ranges from the paralysis of the heating system to that of the ports of Amsterdam and Bombay, thanks to the malware NotPetya, the phishing of the Winter Olympics in South Korea in 2018, and the massive leak of documents from the En Marche!
Emmanuel Macron on the eve of the 2017 presidential election
… "We are not carrying out offensive operations on the internet,"
the Russian Embassy in Washington reaffirmed on Monday in a statement.
»READ ALSO - Six Russian soldiers accused by the United States of cyberattacks
