Boston Herald

Hackers making inroads

Targeting software services

-

BOSTON — The SolarWinds hacking campaign blamed on Russian spies and the “grave threat” it poses to U.S. national security are widely known. A very different — and no less alarming — coordinate­d series of intrusions also detected in December has gotten considerab­ly less public attention.

Nimble, highly skilled criminal hackers believed to operate out of Eastern Europe hacked dozens of companies and government agencies on at least four continents by breaking into a single product they all used.

“Attackers are finding it harder and harder to gain access via traditiona­l methods, as vendors like Microsoft and Apple have hardened the security of the operating systems considerab­ly over the last years. So, the attackers find easier ways in. This often means going via the supply chain. And as we’ve seen, it works,” said Mikko Hypponen, chief research officer of the cybersecur­ity firm F-Secure.

Victims include New Zealand’s central bank, Harvard Business School, Australia’s securities regulator, the U.S. law firm Jones Day — whose clients include former President Donald Trump — the rail freight company CSX and the Kroger supermarke­t and pharmacy chain. Also hit was Washington state’s auditor’s office, where the personal data of up to 1.3 million people gathered for an investigat­ion into unemployme­nt fraud was potentiall­y exposed.

The two-stage mega-hack in December and January of a popular file-transfer program from the Silicon Valley company Accellion highlights a threat that security experts fear may be getting out of hand: intrusions by top-flight criminal and statebacke­d hackers into software supply chains and third-party services.

Many victims of the Accellion hack report being extorted by the Russianspe­aking Clop cybercrimi­nal gang, which researcher­s believe may have bought pilfered data from the hackers. Their threat: Pay up or we leak your sensitive data online, be it proprietar­y documents from Canadian aircraft maker Bombardier or lawyer-client communicat­ions from Jones Day.

The hack of up to 100 Accellion customers, who were easily identified by the hackers with an online scan, puts in painful relief a digital age core mission at which both government­s and the private sector have been falling short.

Mike Hamilton, a former Seattle chief informatio­n security officer now with CI Security, said the trend of exploiting third-party service providers shows no signs of slowing because it gives criminals the highest return on their investment if they “want to compromise a broad swath of companies or government agencies.”

?? AP FILE PHOTOS ?? HACKED: SolarWinds CEO Sudhakar Ramakrishn­a speaks at a Senate Intelligen­ce Committee hearing in Washington, D.C., on Feb. 23. Much like the SolarWinds hack, the Accellion hack suggests both government and the private sector have been falling far short in a digital age core mission: Protecting sensitive data.
AP FILE PHOTOS HACKED: SolarWinds CEO Sudhakar Ramakrishn­a speaks at a Senate Intelligen­ce Committee hearing in Washington, D.C., on Feb. 23. Much like the SolarWinds hack, the Accellion hack suggests both government and the private sector have been falling far short in a digital age core mission: Protecting sensitive data.
?? ?? LOOKING FOR ANSWERS: Senate Intelligen­ce Committee Chairman Sen. Mark Warner, D-Va., questions FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishn­a and Microsoft President Brad Smith on Feb. 23.
LOOKING FOR ANSWERS: Senate Intelligen­ce Committee Chairman Sen. Mark Warner, D-Va., questions FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishn­a and Microsoft President Brad Smith on Feb. 23.

Newspapers in English

Newspapers from United States