Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Government Security United Kingdom

US and UK Release Details on Russia's SolarWinds Hackers (bloomberg.com) 8

The U.S. and U.K. released details on Friday about how Russia's foreign intelligence service operates in cyberspace, the latest effort to try to disrupt future attacks. From a report: The report contains technical resources about the group's tactics, including breaching email in order to find passwords and other information to further infiltrate organizations, in addition to providing software flaws commonly exploited by the hackers. It also offers details about how network administrators can counter the attackers' tactics. "The group uses a variety of tools and techniques to predominantly target overseas governmental, diplomatic, think-tank, health-care and energy targets globally for intelligence gain," the two countries wrote in a Friday report authored jointly by the U.K.'s National Cyber Security Centre and three U.S. agencies, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency and the National Security Agency.
This discussion has been archived. No new comments can be posted.

US and UK Release Details on Russia's SolarWinds Hackers

Comments Filter:
  • Report link (Score:5, Informative)

    by Charlotte ( 16886 ) on Friday May 07, 2021 @01:14PM (#61359556)
    The report can be found here [ncsc.gov.uk].
  • Here is the actual report: https://www.ncsc.gov.uk/files/... [ncsc.gov.uk]

    I have not finished reading it yet, but it is so far (half-way through) the usual bollocks by attribution without any evidence of origin. The only positive change is an actual list of CVEs and exploits (most of them well known and in use by everyone and their dog).

    The report also contains links to analysis of some of the components by third parties.

    Need to finish reading it (probably after dinner).

    • by kot-begemot-uk ( 6104030 ) on Friday May 07, 2021 @01:31PM (#61359646) Homepage
      Just finished reading it - the "proof" is that the targets are "interesting" to the Russians.

      Well, f*cking hell, that means they are also interesting to Chinese, NK, Iran, Hezbollah and god knows who else. As far as proof goes that is NIL.

      The other interesting parts are:

      1 The key part of the malware is written in Go. That is a rather obvious development - you do not need to bother about runtime libs because it generates a big statically linked executable and it is relatively easy to write in.

      2. The big (detected) fallout is not from Solarwinds. The big fallout is from Solarwinds being used to breach mimecast and get their hands on a certificate. That is something the write-up is very suspiciously skimpy on and that is the interesting part because mimecast is in use by UK govt, Uk parliament, most NATO governments, their dog and their cat.

    • I expected this to be the same quality reporting we saw when New Knowledge faked Russian election interference and Bloomberg coverage of China Supermicro mainboard modifications.

      In other words - complete unbelievable, unbacked, bullshit.

  • "The report contains technical resources about the group's tactics" Hypocritical projection much?
  • I am all for punishing Russia, China, but this is a breakdown in our National security agencies. Never again allow a corporation to develop software that can be hacked so easily. It’s time to develop a secure 2nd internet system that cannot be made available to the public and only for national security purposes. https://writemyessay.onl/write... [writemyessay.onl]

Technology is dominated by those who manage what they do not understand.

Working...