AGL 40.01 Decreased By ▼ -0.01 (-0.02%)
AIRLINK 187.98 Increased By ▲ 9.91 (5.57%)
BOP 10.12 Increased By ▲ 0.16 (1.61%)
CNERGY 7.11 Increased By ▲ 0.17 (2.45%)
DCL 10.15 Increased By ▲ 0.06 (0.59%)
DFML 41.57 No Change ▼ 0.00 (0%)
DGKC 107.91 Increased By ▲ 1.02 (0.95%)
FCCL 39.00 Decreased By ▼ -0.03 (-0.08%)
FFBL 82.02 Increased By ▲ 0.13 (0.16%)
FFL 14.90 Increased By ▲ 1.20 (8.76%)
HUBC 119.46 Increased By ▲ 0.21 (0.18%)
HUMNL 14.05 Increased By ▲ 0.05 (0.36%)
KEL 6.40 Increased By ▲ 0.49 (8.29%)
KOSM 8.07 Increased By ▲ 0.01 (0.12%)
MLCF 49.47 Increased By ▲ 1.37 (2.85%)
NBP 73.66 Increased By ▲ 0.83 (1.14%)
OGDC 204.85 Increased By ▲ 11.09 (5.72%)
PAEL 33.56 Increased By ▲ 1.41 (4.39%)
PIBTL 8.07 Increased By ▲ 0.05 (0.62%)
PPL 185.41 Increased By ▲ 11.34 (6.51%)
PRL 33.61 Increased By ▲ 1.01 (3.1%)
PTC 27.39 Increased By ▲ 2.12 (8.39%)
SEARL 119.82 Decreased By ▼ -5.14 (-4.11%)
TELE 9.69 Increased By ▲ 0.27 (2.87%)
TOMCL 35.30 Decreased By ▼ -0.09 (-0.25%)
TPLP 12.25 Increased By ▲ 0.63 (5.42%)
TREET 20.26 Increased By ▲ 1.84 (9.99%)
TRG 60.78 Increased By ▲ 0.29 (0.48%)
UNITY 37.99 Decreased By ▼ -0.22 (-0.58%)
WTL 1.65 Decreased By ▼ -0.01 (-0.6%)
BR100 11,772 Increased By 249.2 (2.16%)
BR30 36,584 Increased By 1034.2 (2.91%)
KSE100 110,810 Increased By 1913.6 (1.76%)
KSE30 34,429 Increased By 620.5 (1.84%)

WASHINGTON: A devastating cyberattack on US government agencies has also hit targets worldwide with the list of victims still growing, according to researchers, heightening fears over computer security and espionage. Microsoft said late Thursday that it had notified more than 40 customers hit by the malware which security experts say came from hackers linked to the Russian government and which could allow attackers unfettered network access.

"While roughly 80 percent of these customers are located in the United States, this work so far has also identified victims in seven additional countries," Microsoft president Brad Smith said in a blog post.

Smith said the victims were also found in Canada, Mexico, Belgium, Spain, Britain, Israel and the United Arab Emirates.

"It's certain that the number and location of victims will keep growing," Smith said, echoing concerns voiced this week by US officials on the grave threat from the attack.

"This is not 'espionage as usual,' even in the digital age," Smith said.

"Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world."

John Dickson of the security firm Denim Group said many private sector firms which could be vulnerable are scrambling to shore up security, even to the point of considering rebuilding their servers and other equipment.

"Everyone is in damage assessment now because it's so big," Dickson said.

"It's a severe body blow to confidence both in government and critical infrastructure."

The threat comes from a long-running attack which is believed to have injected malware into computer networks using enterprise management network software made by the Texas-based IT company SolarWinds, with the hallmarks of a nation-state attack.

The National Security Agency, the secretive US military intelligence operation, called for increased vigilance to prevent unauthorized access to key military and civilian systems.

"The recent SolarWinds Orion code compromise is one serious example of how on-premises systems can be compromised, leading to abuse of federated authentication and malicious cloud access," the NSA said.

Analysts have said the attacks pose threats to national security by infiltrating key government systems, while also creating risks for key infrastructure controls for systems such as electric power grids and other utilities.

The US Cybersecurity and Infrastructure Security Agency (CISA) said US government agencies, critical infrastructure entities, and private sector organizations had been targeted by what it called an "advanced persistent threat actor."

CISA did not identify who was behind the malware attack but private security companies pointed a finger at hackers linked to the Russian government.

US Secretary of State Mike Pompeo also suggested involvement by Moscow on Monday, saying the Russian government had made repeated attempts to breach US government networks.

President-elect Joe Biden expressed "great concern" over the computer breach while Utah Senator Mitt Romney blamed Russia and slammed what he called "inexcusable silence" from the White House.

Romney likened the cyberattack to a situation in which "Russian bombers have been repeatedly flying undetected over our entire country."

Senator Marco Rubio told Fox News: "It is massive. It is still, I would argue, probably persistent. It is still ongoing... It's a grave risk to federal, to state, to local governments, to critical infrastructure, to the private sector."

CISA said the computer intrusions began in at least March 2020 and the actor behind them had "demonstrated patience, operational security and complex tradecraft."

"This threat poses a grave risk," CISA said in a statement Thursday, adding that it "expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations."

Hackers reportedly installed malware on software used by the US Treasury Department and the Commerce Department, allowing them to view internal email traffic.

Media reports said the Department of Energy, which manages the government's nuclear arsenal, had also been breached.

SolarWinds said up to 18,000 customers, including government agencies and Fortune 500 companies, had downloaded compromised software updates, allowing hackers to spy on email exchanges.

After the attack was detected, CISA ordered federal agencies to power down the breached software.

Comments

Comments are closed.