SolarWinds Hackers Return, Launch Phishing Campaign Using Compromised Account of US Foreign Aid Agency
Tuesday, June 1, 2021
The target selection also increases the possibility of connection to a foreign government. Microsoft notes that between the two attacks, the SolarWinds hackers have disproportionately focused on human rights and humanitarian organizations.
Wired is now reporting that the SolarWinds hackers are members of the SVR foreign intelligence agency, a claim that the head of the agency has denied. The SVR has been implicated in attacks on the US government dating back to the 2016 election, with intelligence agencies fingering it as the main driver behind a disinformation campaign designed to get Donald Trump elected. Ilia Kolochenko, Founder and CEO and Chief Architect of ImmuniWeb, believes that the finger-pointing ultimately has little practical application for most parties involved: “Sadly, the mechanics of the modern international law is toothless to indict and prosecute a sovereign state. Thus, even if once proven that the new attack was organized by a specific country, no trial or compensation will likely take place. Sanctions and counter-sanctions are already in place since almost a decade but seem to have no effect on the surging state-sponsored hacking campaigns … Moreover, reliable attribution of these attacks to any state is somewhat problematic both technically and legally speaking. First, many nation-state actors purposely hire foreign cyber mercenaries who have no connections with their countries. Oftentimes, they deal via so-called brokerage, making attribution even harder by placing hacking orders to trusted intermediaries who later hire and pay the attackers.” Read Full Article
teiss: Japanese government agencies suffered breaches following Fujitsu’s ProjectWEB hack
ITWeb: Dark Web marketplace Hydra rakes in $1.37bn in crypto