Cybersecurity firm FireEye, which recently exposed a serious security flaw within the US government’s IT security frameworks, has confirmed an attack and said it had identified a global campaign that had penetrated the networks of public and private organizations via the software supply chain. News that hackers breached FireEye’s systems sent shockwaves through the cybersecurity community and raised questions about how to deal with what appeared to be state-sponsored attacks. The San Francisco, California-based cybersecurity provider commented on the news, saying that cyber espionage campaigns can target both the public and private sectors without proving an attack. Earlier this month, FireEye announced it had been hacked, saying its network had been compromised and stolen to investigate the defenses of its thousands of customers, but until now it wasn’t clear how far the breach went, chiefly into the US Treasury.
To protect themselves from sophisticated cybercrime, financial institutions must have integrated compliance programs that address the full range of risk management, compliance and risk mitigation strategies. Under the newly renamed Cybersecurity Infrastructure Security Agency (CISA), the Department of Homeland Security serves as the country’s risk advisor and a one-stop shop for the US Treasury and other federal agencies, so it seems like a head may roll in this current political climate. DHS launched the National Cyber Security Information Sharing and Analysis Center (NCSIC) in 2014 to facilitate public-private cooperation and information sharing, including the sharing of information on cybersecurity threats to the Treasury Department’s infrastructure and financial systems. In combination, the Cybersecurity Infrastructure Security Agency, or CISA, provides extensive resources, including technical alerts, malware analysis, and reports, that enable network defenders to detect and reduce malicious cyber activity. It seems that no matter what they may have shared, it wasn’t enough.
The general framework for information policy provides guidance to the Treasury Department and other federal agencies as set out in the annual report of the National Information Exchange and Analysis Center for Cyber Security (NCSIC).
On October 1, 2020, the U.S. Treasury Department published two recommendations, which aim to combat ransomware attacks and identify the risks of facilitating ransomware payments. In an emergency order, Secretary of State John Kerry and Treasury Secretary Steven Mnuchin said the attacks had high potential to endanger government systems. So they issued two pieces of advice to help the U.S., individuals and companies in the fight against ransomware and fraud attacks, which continue to increase in size and scope. It was something of a haunting premonition of what would come to happen.
The breach was part of a broader campaign that included a recent hack by the US Department of Homeland Security, the two said. The two said it was part of a larger campaign against the Treasury and other government agencies. The breach is part of a broad campaign that included a recent hack, according to three people familiar with the matter.
FireEye has certainly told the FBI and other federal partners how it was hacked, and they have determined that the Treasury Department was similarly compromised.
The spy chief advised companies and individuals to ensure they follow the advice released Monday morning and urgently patch SolarWinds software, an IT management platform. He pointed out that paying a ransom does not guarantee the release of stolen data, can encourage future attacks and provide material support. While it is only publicly known that the Triton malware was used against Saudi targets, the message that is intended to deter similar attacks on US infrastructure was not mentioned in Treasury Secretary Steve Mnuchin’s statement announcing the new sanctions. In its fines notice, the ICO said: “The use of malicious software against the U.S. Treasury Department and other U.S. government agencies.”
Companies that contract with public institutions may face increased reputational and cyber-security risks from hackers and networks deemed immoral.
