Microsoft Identifies 40+ Victims Of SolarWinds Hack, 80% from US


Microsoft said that over 40 of its customers had their networks infiltrated by hackers following the SolarWinds supply chain attack after they installed backdoored versions of the Orion IT monitoring platform.

Last weekend, FireEye discovered that a group of nation-state hackers (tracked as UNC2452 or Dark Halo) breached SolarWinds and used its auto-update mechanism to deploy a backdoor onto clients’ systems.

The backdoor, tracked as Solarigate (Microsoft) or Sunburst (FireEye), was deployed on the networks of roughly 18,000 customers according to a SolarWinds 8-K SEC filing.

The APT group behind this campaign, suspected to be the Russian state-sponsored APT29 (aka Cozy Bear), maintained persistence on the networks of hacked organizations for long periods of time according to CISA.

Infection spread to victims from eight countries

After the malicious Orion upgrades were installed on the systems of thousands of SolarWinds customers, Microsoft President Brad Smith said that the suspected Russian hacking group was able to “pick and choose” targets of interest among already compromised organizations.


So far, based on information gathered while investigating the still ongoing hacking campaign, Microsoft has notified the more than 40 organizations that were “targeted more precisely and compromised through additional and sophisticated measures.”

80% of the identified victims are located in the United States, and the remaining 20% are spread over seven other countries including Canada, Mexico, Belgium, Spain, the United Kingdom, Israel, and the UAE.

A heat map of all Microsoft customers that were hit in the SolarWinds supply chain attack after installing the backdoor tracked as Solarigate or Sunburst via the compromised Orion auto-update mechanism.

“As this makes clear, this aspect of the attack created a supply chain vulnerability of nearly global importance, reaching many major national capitals outside Russia,” Smith said. “This also illustrates the heightened level of vulnerability in the United States.”

“This has already led to subsequent news reports of penetration into multiple parts of the U.S. Government. We should all be prepared for stories about additional victims in the public sector and other enterprises and organizations.”

Microsoft customers hacked in SolarWinds campaign
Source: Microsoft

Number of hacked organizations will grow

The initial list of Microsoft customers hacked in this ongoing espionage campaign includes organizations from a wide range of verticals, with 44% of them being information technology firms and 18% government agencies.

The US government targets breached following the SolarWinds hack coordinate finance, national security, health, and telecommunications sectors, while government contractor victims are focused on supporting defense and national security organizations.

What’s certain is that, following the ongoing investigation of these attacks, “the number and location of victims will keep growing.”

“This is not ‘espionage as usual,’ even in the digital age,” Smith said. “Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world.

“In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency.


“While the most recent attack appears to reflect a particular focus on the United States and many other democracies, it also provides a powerful reminder that people in virtually every country are at risk and need protection irrespective of the governments they live under.”

Victims by sector
Source: Microsoft

Multiple US government agencies confirmed as compromised

Microsoft also confirmed yesterday that it was hacked in the ongoing SolarWinds attacks but denied reports that its software was compromised as part of a supply-chain attack to infect customers.

The FBI, CISA, and the ODNI also officially confirmed the hacking of multiple US government networks in a joint statement.

Victims of these attacks confirmed so far are FireEye, Microsoft, the US Treasury, US Department of Homeland Security, US Department of Commerce’s National Telecommunications and Information Administration (NTIA), US Department of State, US Department of Health’s National Institutes of Health (NIH), the Cybersecurity and Infrastructure Agency (CISA), the National Nuclear Security Administration (NNSA), and the US Department of Energy (DOE).

“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the agency said.


SolarWinds’ list of 300,000 customers [1, 2] includes over 425 US Fortune 500 companies, all top ten US telecom companies, and US government agencies including the US Military, the US Pentagon, the US Department of Justice, the State Department, NASA, NSA, Postal Service, NOAA, and the Office of the President of the United States, some of which have already been confirmed as hacked.
