Tri-County RVTHS Computer Information Systems Students’ Win Gold and Silver Placement in Statewide CyberPatriot Competition

Tri-County Regional Vocational Technical High School CIS sophomores and juniors competed in the state round of the CyberPatriot competition in December. CyberPatriot is an educational program created by the Air & Space Force Association to inspire K-12 students toward careers in cybersecurity or other science, technology, engineering, and mathematics (STEM) disciplines that are critical to our nation’s future. At the core of the program is the National Youth Cyber Defense Competition, the nation’s largest cyber defense competition that tasks middle and high school students nationwide to secure virtual networks.

The statewide competition was held on December 9, 2022 and two teams from Tri-County RVTHS placed in the Silver and Gold Level of the State Competition. The Competition is comprised of several rounds and teams are slotted into Silver, Gold, or Platinum tiers after the first two rounds. Sophomores: Conor Cadorette from Franklin, Corey Ball from Medway, William Godfrey from Seekonk, John Raymond from Franklin, and Cayden Bourassa from Seekonk placed 1st in the Silver Level and will move onto semi-final regionals to be held January 20th and 21st. Juniors: Tristan Poirier from North Attleboro, James O’Brien from North Attleboro, Noah Renner from Norfolk, Troy Casto of Seekonk, Sean Vengren of Walpole, and Cameron Jones of Plainville placed 8th in the Gold Level.

Back Row: (L to R) -> William Godfrey (Seekonk)   Corey Ball (Medway)   Conor Cadorette (Franklin)

Seated: (L to R) -> Cayden Bourassa (Seekonk)  John Raymond (Franklin)

The CyberPatriot competition allows students to gain hands-on experience of securing a virtual network. Students are asked to find and fix cybersecurity vulnerabilities in virtual operating systems then using a proprietary competition system, teams are scored on how secure they make the system. “The CyberPatriot Competition is an opportunity for students to apply the knowledge they have gained in the classroom to a simulated real-world situation. Students gain experience and confidence through the program which is invaluable,” stated Kimberly Zogalis, CIS Instructor.

For more about Tri-County visit their page ->  https://tri-county.us/

Washington Post: "Be on guard for free-shipping deals that could end up being fake"

"It wasn’t just the pandemic that pushed more people online. Long before COVID, more shoppers decided to skip the crowds and simply click for their holiday gifts.

And I get it. I hate shopping — especially during the holidays. There’s the hunt for a parking space, the throngs of customers, the long checkout line at stores with 10 lanes but only three cashiers working the registers.

The old phrase “Shop till you drop” has become more like “Shop till you want to scream.”

So it makes sense that for the first time in Gallup’s look at holiday spending trends, a majority of Americans — 56 percent — say they are very likely to do their Christmas shopping online. That’s up eight percentage points from 2017."

Continue reading the article online. (Subscription maybe required)

https://www.washingtonpost.com/business/2021/11/24/safe-online-holiday-shopping-tips/

(Wilfredo Lee/AP)

GOOD DEEDS: Paid Consultant - Not a Cybersecurity Expert

GOOD DEEDS:  PAID CONSULTANT - NOT A CYBERSECURITY EXPERT

By William P. O'Donnell, Norfolk County Register of Deeds

 

This is part of a series of essays which demonstrate why a much heralded by some Abrahams Study when it comes to the Norfolk Registry of Deeds and Registry Technology is flat out wrong.   Recommendations to eliminate the on-site Registry Chief Information (CIO) and the on-site Registry IT Technology Department which has been an integral part of the Norfolk Registry of Deeds operations for decades is not a sound policy.  These misguided recommendations from a paid consultant who never visited the Norfolk Registry of Deeds do not recognize the role the Registry IT Technology Department has had on modernization initiatives that have benefited Registry users and Norfolk County residents.

 

A Register of Deeds is tasked to run the Registry of Deeds by state law and the voters.  The Norfolk Registry of Deeds is a place where land records from the deed to your home and business, from the homestead that protects your home to the mortgage discharge that tells the world your loan has been paid off all are recorded.  During the last fiscal year over 205,000 land record documents got recorded and processed by the Norfolk Registry of Deeds.  These recordings could not be done without a dedicated staff.  But it also could not be accomplished without using technology as well as the expertise and knowledge of the Registry IT Technology Department.  As Register of Deeds it is my fiduciary duty to fight these bad policy recommendations on behalf of home and business owners who rely on the land records and data at the Registry of Deeds for the legal title to those homes and businesses.  There are frauds going on now as it is that involve stealing the legal title to homes and property. Imagine what would happen at the Norfolk Registry of Deeds if there was no on-site Registry IT Technology Department to at least battle the cybersecurity predators and criminals.

 

State law requires monies to be collected by all 21 of the Registries in Massachusetts.  The Norfolk Registry of Deeds collected over 81 million dollars during the last fiscal year in the midst of the COVID-19 pandemic.  These monies got collected using technology.  If there is no on-site Registry IT Technology Department what could happen to this money which comes back to cities and towns in the form of local aid, public safety, educational reimbursements as well as social services programs?  If there is no on-site Registry IT Technology Department in the Registry building working with and helping Registry staff collect Community Preservation Act (CPA) funds through the use of technology what could happen to those Community Preservation Act projects in the cities and towns of Norfolk County?  Nothing good is coming out of this “Abrahams recommendation” as there are too many possible bad outcomes that could take place without a robust on-site Registry IT Technology Department.

 

The report of consultant, Mark Abrahams, who never came by the Norfolk Registry of Deeds as part of his study, just does not properly recognize the role of the Registry IT Technology Department has in the overall scheme of operations at the Norfolk Registry of Deeds.  Does anyone think in five years there is going to be less technology in protecting the land records that authenticate the title to your home or in providing services to Registry users, departments in county municipalities and the general public?  Technology will continue to transform and be an integral part of our day to day society.  Another question that needs to be answered is why make a recommendation to get rid of a 2 permanent person Registry IT Technology Department in this age of cybersecurity attacks and ransomware? There is a newly appointed legislative committee at the Massachusetts State House that is examining cybersecurity and the tremendous costs in terms of money and operations on towns, businesses even a local ferry system that have been victims of cybersecurity intrusions and breaches. Paid consultant Mark Abrahams missed the boat on his study of the Norfolk Registry of Deeds and its IT Technology Department.  It is crucial that the Norfolk County Commissioners recognize this and do not implement the Abrahams recommendations as it relates to the Norfolk Registry of Deeds.

 

Another compelling reason to totally disregard Mark Abrahams’ IT Technology recommendations is that right in his report Mr. Abrahams states “IT security is not part of our scope.” How can someone in this day and age of cybersecurity breaches and ransomware be making any IT Technology recommendations when you did NOT look at IT security? It would be a dereliction of duty amounting to negligence some may argue gross negligence to act on IT Technology recommendations at the Norfolk Registry of Deeds made by a paid consultant where “IT security is not part of our scope.” What is at stake is the land records and data that are used to authenticate the legal real estate title to your home as well as your business.  The biggest asset most of us have is our home.  This asset is too valuable to act on recommendations of a paid consultant who also wrote “…we are not security experts, however cybersecurity and disaster recovery came up in our interviews and meetings.”  Mark Abrahams and his assistant who looked at “Information Technology” are not proficient in cybersecurity why should their IT Technology recommendations be followed?

 

Some may argue you should not be even making any IT Technology recommendations in this day and age without assessing cybersecurity.  In courts of law individuals come in to offer opinions on various subject matters.  However, before these persons give an opinion to a jury a judge would examine their credentials to be an “expert” and give an opinion.  Who can forget the trial court scene when Joe Pesci as criminal defense attorney Vinny Gambini was trying to qualify Marisa Tomei as Mona Lisa Vito as an automobile expert in the comedy movie “My Cousin Vinnie.”  Unlike Mona Lisa Vito in the movie however, Mark Abrahams and his opinions on Information Technology should be disqualified.  This paid consultant is not qualified to give an opinion on Information Technology.  It is not just an unsound decision to just accept Mr. Abrahams IT Technology recommendations, it borders on reckless given all the possible negative impacts and bad outcomes that could take place in implementing Information Technology (IT) recommendations made by this paid consultant. 

 

The Abrahams IT Registry technology recommendations are not about saving money. The Norfolk Registry IT Technology Department is a 2 permanent persons operation.  Mark Abrahams writes in his report “We feel that from a management perspective, the IT operations are being well run considering the limited staff.” All things being fair and equal those words should end any debate about eliminating the on-site Registry IT Technology Department working at the Registry building for and with Registry staff, Registry users, Norfolk County municipal governments and the general public.

 

If you are as concerned about this matter as I am or have received good service from the Norfolk Registry  of Deeds, please feel free to sign the online petition linked here https://chng.it/YY9MvxNqcq.  

Please contact the three Norfolk County Commissioners that will make this decision. Norfolk County Commissioners, Joseph P. Shea, Chair, Peter H. Collins, Richard R. Staiti 614 High Street, Dedham, MA 02026 

Or email them at: JandJSheaquincy@gmail.com, Petercollins@collinsandcollinspc.com Rrstaiti55@yahoo.com

 

Thank you.

GOOD DEEDS: Paid Consultant - Not a Cybersecurity Expert

The background on QR codes; QR code for Election Collection 2021

"Just open a phone camera, point it at this special type of link and get transported to a website with more information than a paper menu ever offered. Even classically brick-and-mortar businesses like furniture retailers are using QR, or quick response, codes to help shoppers choose what to buy.

But QR codes serve a purpose beyond cutting down on germs. They turn analog interactions — like ordering a pizza — into digital ones, and those digital interactions can be subject to tracking by the restaurant or store. Because QR codes open a browser, companies might use that digital signal to connect the dots between online and offline activity."

Continue reading the article online. (Subscription maybe required)

https://www.washingtonpost.com/technology/2021/10/07/are-qr-codes-safe/

The QR Code to get to the "Election Collection 2021" is shown here

The QR Code to get to the "Election Collection 2021"

60 Minutes "a betrayal of democracy" leads to decision that Franklin Matters Facebook page to go away Dec 1, 2021

60 Minutes (@60Minutes) tweeted at 7:42 PM on Sun, Oct 03, 2021:

"The version of Facebook that exists today is tearing our societies apart and causing ethnic violence around the world," says former Facebook employee France Haugen. She points to Myanmar, where the military used Facebook to launch a genocide.

Find the full 60 Minutes segment here -> https://t.co/WU4IumjHkO 

Shared from Twitter: https://t.co/cy9Ed9MgbH

“The version of Facebook that exists today is tearing our societies apart and causing ethnic violence around the world,” says former Facebook employee France Haugen. She points to Myanmar, where the military used Facebook to launch a genocide. https://t.co/WU4IumjHkO pic.twitter.com/cy9Ed9MgbH

— 60 Minutes (@60Minutes) October 3, 2021

Note: this is a continuation of the revelations about Facebook since the  Cambridge Analytica scandal. in 2018  I attempted to remove Franklin Matters updates from Facebook at that time and the readers, followers on Facebook created an uproar so I stayed reluctantly.

As a data security and privacy professional I can no longer condone the Facebook business model. Effective Dec 1, 2021 the Franklin Matters Facebook page will go away. You are given notice to find one of the other options to obtain the valuable information shared but not longer directly by me on Facebook.

• You can subscribe via email to the daily update (an easy way)  https://www.franklinmatters.org/p/welcome.html
• You can subscribe via RSS and get everything as it posts (actually the best way)  The 7 best RSS Readers for 2021 (I personally use Feedly)   https://bloggingwizard.com/free-rss-feed-readers/
• You can follow Franklin Matters on Twitter  https://twitter.com/FranklinMatters

Someone can also set up a way to take what I share and share it themselves to Facebook. I have no way to stop that. Folks occasionally do so on their own today.

My personal account will remain on Facebook to maintain my family and network connections. I have limited what is posted and shared in that way and am willing to take the risk to maintain those family connections.

I can no longer take the risk exposing your information in this way. Facebook needs to change and only actions like this will get their attention to do so.

Why Dec 1?

The Franklin election is important and as divisive as Facebook is, for those who depend upon it for info, I will provide some time for them to begin to make their move to one of the alternatives.

If you need or want help setting up email or RSS, I'll offer to schedule a Zoom session (or two) to walk through the process. Let me know if you are interested via email or comment on this post.

Reference points on Facebook data leaks

• Franklin Matters attempt to shut down in 2018 was announced with this post ->  https://www.franklinmatters.org/2018/04/fixing-companys-problems-will-take-years.html
• Data leak reported in April 2021 (actually occurred during 2019) ->  https://blog.mozilla.org/en/privacy-security/facebook-data-leak-explained/
• Data leak in 2017 ->  https://techcrunch.com/2018/09/28/everything-you-need-to-know-about-facebooks-data-breach-affecting-50m-users/
• Cambridge Analytica aftermath -> https://techcrunch.com/2020/09/25/cambridge-analyticas-former-boss-gets-7-year-ban-on-being-a-business-director/

Mark Hurst's Good Report also has a listing on RSS Readers to add to what I shared here.  https://goodreports.com/post/rss-reader.html

If you only do one thing with your privacy settings ...

"There’s probably a little bit of Google in every part of your life. The company hosts a sprawling network of tools and apps we use for everything — from school assignments and work emails, to watching how-to videos and making calls. The good news is that Google has tried to collect its most important privacy settings into one place, which means you can protect your data in Gmail and Google-owned YouTube at the same time.

Google offers a “Privacy Checkup” to get through settings quickly, but defaults to more mild options than we’ve listed below. There are some trade-offs when you limit Google’s data collection, according to the company. Google services that give recommendations might not be as helpful, and any ads you see will be less accurately targeted.

These privacy setting recommendations are based on your Google Account settings on the Web. You can also access them through individual Google apps or your settings on an Android phone by going to Settings → Google (or Google Services)."

Continue reading the article online. (Subscription maybe required)

https://www.washingtonpost.com/technology/2021/09/23/google-privacy-settings/

If you only do one thing with your privacy settings ...

Passwords may be going away, starting with Microsoft

"You’ve got a lot of passwords to keep track of for your online bank account, insurance company, social media profiles and even your kid’s school software. But starting today, your Microsoft account doesn’t have to be one of them.

The company said Wednesday that it is officially retiring written passwords for personal accounts, including Outlook, OneDrive and Family Safety. Corporate accounts have been eligible for password-free sign-on since March.

The change comes as the entire IT industry rethinks its decades-long reliance on “shared secret” passwords — or the kind you have to remember. People have a tendency to lose and forget them, creating extra costs and headaches for companies and customers alike."

Continue reading the article online. (Subscription maybe required) 

https://www.washingtonpost.com/technology/2021/09/15/microsoft-passwordless/

Microsoft announced it is rolling out a no-password sign-on system for personal accounts on its Outlook, OneDrive and Family Safety products. (Jeenah Moon/Bloomberg News)

   

News of Interest: Amazon implementation raises security issues

"There’s an eyebrow-raising technology buried inside millions of Amazon Echo smart speakers and Ring security cameras. They have the ability to make a new kind of wireless network called Sidewalk that shares a slice of your home Internet connection with your neighbors’ devices.

And on Tuesday, Amazon is switching Sidewalk on — for everyone.

I’m digging into my settings to turn it off. Sidewalk raises more red flags than a marching band parade: Is it secure enough to be activated in so many homes? Are we helping Amazon build a vast network that can be used for more surveillance? And why didn’t Amazon ask us to opt-in before activating a capability lying dormant in our devices?

I recommend you opt out of Sidewalk, too, until we get much better answers to these questions."

Continue reading the article online (subscription may be required)

https://www.washingtonpost.com/technology/2021/06/07/amazon-sidewalk-network/

Vaccine 'passports' (really 'certificates') will be difficult but are in development

"The Biden administration and private companies are working to develop a standard way of handling credentials - often referred to as “vaccine passports” - that would allow Americans to prove they have been vaccinated against the novel coronavirus as businesses try to reopen.

The effort has gained momentum amid President Joe Biden's pledge that the nation will start to regain normalcy this summer and with a growing number of companies - from cruise lines to sports teams - saying they will require proof of vaccination before opening their doors again.

The administration's initiative has been driven largely by arms of the Department of Health and Human Services, including an office devoted to health information technology, said five officials who spoke on the condition of anonymity to discuss the effort. The White House this month took on a bigger role coordinating government agencies involved in the work, led by coronavirus coordinator Jeff Zients, with a goal of announcing updates in coming days, said one official.

.... 

U.S. officials say they are grappling with an array of challenges, including data privacy and health-care equity. They want to make sure all Americans will be able to get credentials that prove they have been vaccinated, but also want to set up systems that are not easily hacked or passports that cannot be counterfeited, given that forgeries are already starting to appear."

Continue reading the article online at the Boston Globe (subscription may be required) 

https://www.bostonglobe.com/2021/03/28/nation/vaccine-passports-are-way-developing-them-wont-be-easy/

Or where it originated with the Washington Post (subscription may be required):  

https://www.washingtonpost.com/health/2021/03/28/vaccine-passports-for-work/

Tri-County Regional Vocational Technical High School Participates in CyberPatriot Competition

CyberPatriot is the National Youth Cyber Education Program created by the Air Force Association to inspire K-12 students toward careers in cybersecurity or other science, technology, engineering, and mathematics (STEM) disciplines critical to our nation's future. At the core of the program is the National Youth Cyber Defense Competition, the nation's largest cyber defense competition, that puts high school and middle school students in charge of securing virtual networks.
 
A total of 4,081 teams registered for this year's competition. Teams from the United States, Canada, and the Department of Defense Dependents schools abroad are eligible to participate in CyberPatriot's core program, the National Youth Cyber Defense Competition. The National Youth Cyber Education Program challenges teams of high school and middle school students to find and fix cybersecurity vulnerabilities in virtual operating systems. Using a proprietary competition system, teams are scored on how secure they make the system.

Four teams of six students represented Tri-County in this year's competition. Aiden Mai of Franklin, Kenjiro Mai of Franklin, Alex Comeau of Plainville, Callaghan Killian of North Attleboro, Zachary Belvin of North Attleboro, and Tyler Morrison of Franklin placed first in the Gold Division for Massachusetts.

The second team of Ryan Leber of North Attleboro, Jason Conti of Walpole, Christopher Zajac of Franklin, Christopher Virkaitis of North Attleboro, Gabriel Corey of Franklin, and Joshua Bellunduno of Franklin placed third in Massachusetts for the Platinum Division.

All teams worked hard; there were three rounds of competition. The State round being the one we participated in in January. Virtual National Finals will be held March 19-21, 2021.

Congrats to all. 

 

Four teams of six students represented Tri-County

New York Times: "Why Was SolarWinds So Vulnerable to a Hack?"

Security expert Bruce Schneier write about the SolarWinds hack in the New York Times:

"There are two problems to solve. The first is information asymmetry: Buyers can’t adequately judge the security of software products or company practices. The second is a perverse incentive structure: The market encourages companies to make decisions in their private interest, even if that imperils the broader interests of society. Together these two problems result in companies that save money by taking on greater risk and then pass off that risk to the rest of us, as individuals and as a nation.

The only way to force companies to provide safety and security features for customers and users is with government intervention. Companies need to pay the true costs of their insecurities, through a combination of laws, regulations and legal liability. Governments routinely legislate safety — pollution standards, automobile seatbelts, lead-free gasoline, food service regulations. We need to do the same with cybersecurity: The federal government should set minimum security standards for software and software development."

Continue reading the article online (subscription may be required) 

https://www.nytimes.com/2021/02/23/opinion/solarwinds-hack.html

 

Previous articles on the SolarWinds hack 

(Jan 2020) =  https://www.franklinmatters.org/2021/01/great-summary-of-solar-winds-attack-not.html

(Dec 2019) = https://www.franklinmatters.org/2020/12/what-we-know-and-still-dont-about-worst.html

Spear Phishing makes the news (again)

 

"A prominent TV news anchor in India, Nidhi Razdan was looking forward to starting her new job as an associate professor of journalism at Harvard University in September.

Just one setback. Harvard doesn’t have a journalism program.

After months of delays that she attributed to the pandemic, Razdan had a jarring realization: the faculty position, it turns out, doesn’t exist. The offer she thought she had accepted was nothing more than an elaborate ploy to access her personal information, she said."

Continue reading the article online (subscription may be required)

https://www.bostonglobe.com/2021/01/15/metro/reporter-nidhi-razdan-claims-she-was-victim-sophisticated-phishing-attack-that-led-her-believe-she-got-journalism-job-harvard/

 

Great summary of the Solar Winds attack, not just on the US

Noted security expert Bruce Schneier writes: 

"Recent news articles have all been talking about the massive Russian cyberattack against the United States, but that’s wrong on two accounts. It wasn’t a cyberattack in international relations terms, it was espionage. And the victim wasn’t just the US, it was the entire world. But it was massive, and it is dangerous. 

Espionage is internationally allowed in peacetime. The problem is that both espionage and cyberattacks require the same computer and network intrusions, and the difference is only a few keystrokes. And since this Russian operation isn’t at all targeted, the entire world is at risk — and not just from Russia. Many countries carry out these sorts of operations, none more extensively than the US. The solution is to prioritize security and defense over espionage and attack. 

Here’s what we know: Orion is a network management product from a company named SolarWinds, with over 300,000 customers worldwide. Sometime before March, hackers working for the Russian SVR — previously known as the KGB — hacked into SolarWinds and slipped a backdoor into an Orion software update. (We don’t know how, but last year the company’s update server was protected by the password “solarwinds123” — something that speaks to a lack of security culture.) Users who downloaded and installed that corrupted update between March and June unwittingly gave SVR hackers access to their networks. 

This is called a supply-chain attack, because it targets a supplier to an organization rather than an organization itself — and can affect all of a supplier’s customers. It’s an increasingly common way to attack networks. Other examples of this sort of attack include fake apps in the Google Play store, and hacked replacement screens for your smartphone."

Continue reading the article online

https://www.schneier.com/blog/archives/2020/12/russias-solarwinds-attack.html

screengrab of https://www.schneier.com/

Naked Security Live: "Watch out for Messenger scams!"

"IM and social media accounts feel less open to spammers and scammers than email - until a crook gets into a friend's account and sends from there..."

Direct video link = https://youtu.be/IzUZ6rBpOso

 

Cyber security: inside the hack of a journalist; extent of US Government penetration not known

From The Guardian: inside the hack of a journalist

"A series of abusive text messages sent to an Al Jazeera investigative programme were the first crumbs that eventually led to the discovery of an unprecedented hacking operation against dozens of staff from the Qatar-based media network, according to one of the journalists who was targeted.

Researchers at Citizen Lab at the University of Toronto claimed on Sunday that the UAE and Saudi Arabia used spyware sold by an Israeli private intelligence company to access the phones of at least 36 journalists, producers and executives from Al Jazeera, as well as that of a London-based reporter with the Al Araby network.

Traces of the cyber-attack were unearthed in July when a phone used by an Al Jazeera programme, The Tip of the Iceberg, exhibited suspicious network activity that was undetectable to its users."

Continue reading the article online

https://www.theguardian.com/media/2020/dec/22/revealed-how-abusive-texts-led-to-discovery-of-hacking-of-al-jazeera

From the New York Times: extent of US Government penetration not known

"The Russian hackers who penetrated United States government agencies broke into the email system used by the Treasury Department’s most senior leadership, a Democratic member of the Senate Finance Committee said on Monday, the first detail of how deeply Moscow burrowed into the Trump administration’s networks.

In a statement after a briefing for committee staff members, Senator Ron Wyden of Oregon, who has often been among the sharpest critics of the National Security Agency and other intelligence agencies, said that the Treasury Department had acknowledged that “the agency suffered a serious breach, beginning in July, the full depth of which isn’t known.”

Continue reading the article online (subscription may be required)

https://www.nytimes.com/2020/12/21/us/politics/russia-hack-treasury.html

 

From the New York Times:

"President-elect Joseph R. Biden Jr. accused President Trump on Tuesday of “irrational downplaying” of the widespread hack of the federal government and American industries, saying that the current administration was denying him intelligence and warning Russia that he would not allow the intrusion to “go unanswered” after he takes office.

“This assault happened on Donald Trump’s watch when he wasn’t watching,” Mr. Biden said at a news conference in Delaware. “It is still his responsibility as president to defend American interests for the next four weeks, but rest assured that even if he does not take it seriously, I will.”

The direct critique was a remarkable departure from tradition, in which incoming presidents are careful about not second-guessing the actions of the incumbent. But Mr. Trump’s refusal to recognize Mr. Biden’s election victory, and his effort to subvert the results, has clearly poisoned elements of the transition process."

 Continue reading the article online (subscription may be required)

https://www.nytimes.com/2020/12/22/us/politics/biden-trump-russia-hack.html

 

These articles add to the listing of "what we know and don't know" about the cyber attack

https://www.franklinmatters.org/2020/12/what-we-know-and-still-dont-about-worst.html

 

"What we know – and still don’t – about the worst-ever US government cyber attack"

The Boston Globe has the following:

It’s going to take months to kick elite hackers widely believed to be Russian out of the US government networks they have been quietly rifling through since as far back as March in Washington’s worst cyberespionage failure on record.

Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into US agencies and was among the victims, has already tallied dozens of casualties. It’s racing to identify more.

“We have a serious problem. We don’t know what networks they are in, how deep they are, what access they have, what tools they left,” said Bruce Schneier, a prominent security expert and Harvard fellow.

Continue reading the article online (subscription may be required)

https://www.bostonglobe.com/2020/12/18/business/hacked-government-networks-will-need-be-burned-down-ground/ 

 

While Franklin suffered from the spear phishing attack which resulted in a diverted payment, the attacker/nefarious character did not access the Franklin network. They used the person inside to do their work. The Russian hack into the major systems of some companies and several government agencies was sophisticated in planning as they apparently hit the supply chain for a piece of software used to protect networks. Once inside, the "trojan horse" allowed access and control. The scope and objective of the hack remains to be determined.

 

Related articles:

• A good summary from The Guardian: https://www.theguardian.com/technology/2020/dec/18/orion-hack-solarwinds-explainer-us-government
• More inside technical details From Bruce Schneier (reference in article quote from Boston Globe: https://www.schneier.com/blog/archives/2020/12/nsa-on-authentication-hacks-related-to-solarwinds-breach.html
• Also good technical details from Krebs on Security: https://krebsonsecurity.com/2020/12/vmware-flaw-a-vector-in-solarwinds-breach/

Multiple federal agencies have been targeted in a sweeping cyber attack. Photograph: Patrick Semansky/AP