U.S. seizes domains used in USAID hack

The Justice Department announced it has seized domains Russian hackers responsible for the SolarWinds attack used in a phishing scheme last month targeting governments and organizations through mimicking the United States Agency for International Development.

Prosecutors said in a statement Tuesday that they seized two domains on Friday that Russia-linked Nobelium hacker group had used as part of its wide-scale attack targeting some 3,000 individual accounts across more than 150 governments, think tanks and organizations.

The scheme, uncovered by Microsoft on Thursday, involved gaining access to the Constant Contact email service of the USAID from which the hackers sent malicious links through authentic-looking government emails to their targets.

When the links were clicked, a malicious file would download a so-called back door onto the computer offering the hackers access to its information and that of other computers on its network.

Microsoft said most of the emails distributed were blocked by email threat detention systems and marked as spam though some may have been delivered.

The Justice Department said it seized theyardservice.com and worldhomeoutlet.com through a court order with the aim to disrupt Nobelium’s activities and identify victims, though prosecutors state the hackers may have deployed other backdoors between the initial attack, which began May 25, and Friday’s seizure.

“Last week’s action is a continued demonstration of the department’s commitment to proactively disrupt hacking activity prior to the conclusion of a criminal investigation,” said Assistant Attorney General John Demers of the department’s National Security Division.

Nobelium has been blamed for the attack in November that breached at least nine U.S. federal agencies and dozens of companies through the widely used SolarWinds software.

Hot this week

The Overlooked Flaws in Multi Factor Authentication

Multi factor authentication is often presented as a security panacea, but hidden flaws and implementation gaps can leave organizations vulnerable despite compliance checkboxes.

The Hidden Costs of Security Compliance

Compliance frameworks often create security blind spots by prioritizing checkbox exercises over real threat mitigation, leading to breaches despite passing audits.

The Illusion of AI in Cybersecurity

AI security tools often create alert fatigue instead of protection, but focusing on human oversight and measured deployment can turn them into effective assets.

The Overlooked Risk of Shadow IT

Shadow IT poses a greater risk than many external threats by bypassing security controls, and managing it effectively requires understanding employee needs rather than simply blocking unauthorized tools.

Why Cloud Misconfigurations Threaten Your Business

Cloud misconfigurations are the leading cause of data breaches, yet most organizations focus on advanced threats instead of fixing basic security hygiene in their cloud environments.

Topics

The Overlooked Flaws in Multi Factor Authentication

Multi factor authentication is often presented as a security panacea, but hidden flaws and implementation gaps can leave organizations vulnerable despite compliance checkboxes.

The Hidden Costs of Security Compliance

Compliance frameworks often create security blind spots by prioritizing checkbox exercises over real threat mitigation, leading to breaches despite passing audits.

The Illusion of AI in Cybersecurity

AI security tools often create alert fatigue instead of protection, but focusing on human oversight and measured deployment can turn them into effective assets.

The Overlooked Risk of Shadow IT

Shadow IT poses a greater risk than many external threats by bypassing security controls, and managing it effectively requires understanding employee needs rather than simply blocking unauthorized tools.

Why Cloud Misconfigurations Threaten Your Business

Cloud misconfigurations are the leading cause of data breaches, yet most organizations focus on advanced threats instead of fixing basic security hygiene in their cloud environments.

The Human Factor in Cybersecurity Breaches

Human error is the root cause of most cybersecurity breaches, and addressing it through training and awareness is more effective than relying solely on technical solutions.

Why Password Managers Fall Short in Modern Security

Password managers are useful tools but not complete solutions for modern security, requiring a layered approach that includes multi-factor authentication and employee education to prevent breaches.

The Myth of Perfect Security

Perfect security is a myth, and focusing on resilience rather than prevention can better protect your organization from inevitable breaches.
spot_img

Related Articles

Popular Categories