SOLARWINDS TACTICS IS BACK!
SolarWinds hacks as it is known was detected in Dec 2020, was a supply chain attack on its Orion software. It is widely used in government and industry. As it came as a part of patch management / upgrade, so there was no way it could be suspected. Fire Eye, a leading cyber security company was one of the targets, in all 18.000. It included top departments of the government of the US and nearly four / fifths of the Fortune 500 companies. Lying supposedly dormant in the system, it was the worst espionage incident suffered by the US. The suspect was Russia, that is what US has claimed.
The same hackers are back in recent months to hack US organizations to collect intelligence. They have also been targeting an unnamed European government that is a NATO member. New findings that hacking groups connected to Russia’s foreign intelligence service are in hot pursuit of intelligence held by US and its allies. They have become adept at targeting widely used cloud computing technologies. The Russian invasion of Ukraine provide a perfect backdrop for the need for such type of intelligence. Some US organizations networks have been compromised which have data of interest for the Russian government.
The details of the number or types of organizations has not be provided in the public domain. Cyber Security firm Palo Alto Networks said that the Russian hacking group have been using popular services like Dropbox and Google Drive to deliver malicious software. This tactics was used for embassies of an unnamed European government in Portugal and Brazil. It is not clear as to how successful these attempts were. These hacking campaigns are the latest example of how elite Russian hacking group tried to evade UG government and private investigators. The Russian hacking group is best known for using tampered SolarWinds software.
This activity continued throughout 2021, inclusive of European governments networks. Google is aware of this activity and is taking steps to protect any potential targets. Dropbox has disabled such user accounts. Google’s Threat Analysis Group (TAG) has been able to find out an effort of Russia’s FSB intelligence service to track Ukrainian hackers, who in the past have targeted Russians. Link of bugged app are also circulating. The group responsible has been identified as Turla. This group is Russia’s top espionage team in league with the SolarWinds intruders. It has also targeted Latvia, Lithuania and other European governments. New sources of intelligence certainly help in war. There is also no denying the fact, the cyber war has become a part of conventional war, when it happens.
INTELLIGENCE, ESPIONAGE AND STEALTH HAVE FOUND A NEW MEANING AND DEFINITION IN THE EVER-EVOLVING WORLD OF HACKS.