Will America Confront the Kremlin Over SolarWinds' Latest Massive Phishing Attack?
Published on May 31, 2021 at 07:04AM
In the latest SolarWinds mass-phishing attack, "The highest percentage of emails went to the United States, but [incident response firm] Volexity also saw a significant number of victims in Europe..." according to Security Week. In an article shared by Slashdot reader wiredmikey, they note that the attackers apparently compromised the Constant Contact account of USAID, an independent agency of the United States federal government that is primarily responsible for administering civilian foreign aid and development assistance — and then impersonated it in emails "to roughly 3,000 accounts across over 150 organizations in 24 countries." So what happens next? The Associated Press reports: The White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month's planned presidential summit. Officials downplayed the cyber assault as "basic phishing" in which hackers used malware-laden emails to target the computer systems of U.S. and foreign government agencies, think tanks and humanitarian groups. Microsoft, which disclosed the effort late Thursday, said it believed most of the emails were blocked by automated systems that marked them as spam. As of Friday afternoon, the company said it was "not seeing evidence of any significant number of compromised organizations at this time." Even so, the revelation of a new spy campaign so close to the June 16 summit between President Joe Biden and Russian counterpart Vladimir Putin adds to the urgency of White House efforts to confront the Kremlin over aggressive cyber activity that criminal indictments and diplomatic sanctions have done little to deter. "I don't think it'll create a new point of tension because the point of tension is already so big," said James Lewis, a senior vice president at the Center for Strategic and International Studies. "This clearly has to be on the summit agenda. The president has to lay down some markers" to make clear "that the days when you people could do whatever you want are over." There's a famous story about Vladimir Putin meeting Joe Biden back in 2011. A decade earlier former U.S. president George W. Bush had said when he'd looked Putin in the eye, "I was able to get a sense of his soul." But as Biden tells it, when he'd met Putin (who was then Russia Prime Minister), "I said, 'Mr. Prime Minister, I'm looking into your eyes, and I don't think you have a soul.'" "He looked back at me, and he smiled, and he said, 'We understand one another.'"
Published on May 31, 2021 at 07:04AM
In the latest SolarWinds mass-phishing attack, "The highest percentage of emails went to the United States, but [incident response firm] Volexity also saw a significant number of victims in Europe..." according to Security Week. In an article shared by Slashdot reader wiredmikey, they note that the attackers apparently compromised the Constant Contact account of USAID, an independent agency of the United States federal government that is primarily responsible for administering civilian foreign aid and development assistance — and then impersonated it in emails "to roughly 3,000 accounts across over 150 organizations in 24 countries." So what happens next? The Associated Press reports: The White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month's planned presidential summit. Officials downplayed the cyber assault as "basic phishing" in which hackers used malware-laden emails to target the computer systems of U.S. and foreign government agencies, think tanks and humanitarian groups. Microsoft, which disclosed the effort late Thursday, said it believed most of the emails were blocked by automated systems that marked them as spam. As of Friday afternoon, the company said it was "not seeing evidence of any significant number of compromised organizations at this time." Even so, the revelation of a new spy campaign so close to the June 16 summit between President Joe Biden and Russian counterpart Vladimir Putin adds to the urgency of White House efforts to confront the Kremlin over aggressive cyber activity that criminal indictments and diplomatic sanctions have done little to deter. "I don't think it'll create a new point of tension because the point of tension is already so big," said James Lewis, a senior vice president at the Center for Strategic and International Studies. "This clearly has to be on the summit agenda. The president has to lay down some markers" to make clear "that the days when you people could do whatever you want are over." There's a famous story about Vladimir Putin meeting Joe Biden back in 2011. A decade earlier former U.S. president George W. Bush had said when he'd looked Putin in the eye, "I was able to get a sense of his soul." But as Biden tells it, when he'd met Putin (who was then Russia Prime Minister), "I said, 'Mr. Prime Minister, I'm looking into your eyes, and I don't think you have a soul.'" "He looked back at me, and he smiled, and he said, 'We understand one another.'"
Read more of this story at Slashdot.
Comments
Post a Comment