Oldie but goodie: ‘Cozy Bear’ hacking entity said to be behind attack via SolarWinds

[Ed. – This is the advanced persistent threat (APT 29) attributed to the Russian government by CrowdStrike, in the analysis the FBI never had the opportunity to verify because it didn’t get the original DNC server affected in 2015-16.  Now, in an exceptionally vague attribution, the same WaPo reporter (Ms. Nakashima) is crediting “sources familiar” with the information that Cozy Bear is ba-ack.  Uh-huh.]

Russian government hackers breached the Treasury and Commerce departments, along with other U.S. government agencies, as part of a global espionage campaign that stretches back months, according to people familiar with the matter.

Officials were scrambling over the weekend to assess the nature and extent of the intrusions and implement effective countermeasures, but initial signs suggested the breach was long-running and significant, the people familiar with the matter said.

The Russian hackers, known by the nicknames APT29 or Cozy Bear, are part of that nation’s foreign intelligence service, the SVR, and they breached email systems in some cases …

SolarWinds said Sunday in a statement that monitoring products it released in March and June of this year may have been surreptitiously weaponized in a “highly-sophisticated, targeted . . . attack by a nation state.”
