Cybersecurity, Privacy, & AI

Trending Now

AI-Powered Infrastructure: How Public-Private Partnerships are Building the Future of Transportation • Anticipated Executive Order Could Give NSA a Role in Voluntary AI Model Testing • CIRCIA Is Coming: What Government Contractors Need to Know About the Upcoming Cyber Incident Reporting Rules • New Cyber Strategy Shows White House Getting Serious on Enforcement, Says Capgemini Exec • AI Drives New Debate Around CISA Software Patching Deadlines

Published on April 8, 2021 • Cyber

Details of SolarWinds Attack Forthcoming from Federal Government

Ascannio | Shutterstock

US Cyber Command and the Department of Homeland Security are preparing to publish a detailed analysis of the hacking tools used in the SolarWinds attack, in which suspected Russian spies targeted multiple federal agencies and private firms last year. According to sources, the report will detail 18 pieces of malware used in the attack. CYBERCOM and CISA have said the goal of releasing this report is “reduced exposure to malicious activity” for U.S. organizations. The scheduling of the report remains in flux, with at least one promised date retracted.

The report describes a backdoor dubbed Sunshuttle which gave the hackers backdoor access, a popular webshell called China Copper which prevents access from being cut off, and a tool called Sibot that masquerades as Windows software to infect targeted machines. Current and former government officials have claimed that the hackers breached email accounts belonging to former acting DHS head Chad Wolf and other senior members of the DHS cybersecurity division.

Sources:

CyberScoop: US Report Details SolarWinds Hacking Tools
Computing: USA to Publish Detailed Analysis of SolarWinds Hacking Tools

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.