Krebs on Security: A Basic Timeline of the Exchange Mass-Hack

Krebs on Security: A Basic Timeline of the Exchange Mass-Hack. “Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program.”

Route Fifty: Feds Up Share of FEMA Grants That Must Be Spent on Cybersecurity

Route Fifty: Feds Up Share of FEMA Grants That Must Be Spent on Cybersecurity. “The Department of Homeland Security will require more federal grant money to go toward cybersecurity projects in an effort to help state and local governments protect critical infrastructure, Secretary Alejandro Mayorkas announced Thursday. In the past, DHS has required that a minimum of 5% of Federal Emergency Management Agency grants be dedicated to cybersecurity. The department will now up that requirement to 7.5%—a change that will bolster cybersecurity funding for state and local governments by $25 million, Mayorkas said.”

CNN: Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak

And in today’s episode of “That actually makes it worse,” from CNN: Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak. “Current and former top executives at SolarWinds are blaming a company intern for a critical lapse in password security that apparently went undiagnosed for years. The password in question, ‘solarwinds123,’ was discovered in 2019 on the public internet by an independent security researcher who warned the company that the leak had exposed a SolarWinds file server.”

ProPublica: The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

ProPublica: The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack. “The software company SolarWinds unwittingly allowed hackers’ code into thousands of federal computers. A cybersecurity system called in-toto, which the government paid to develop but never required, might have protected against this.”

SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments (CBS News)

CBS News: SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments. “President Biden inherited a lot of intractable problems, but perhaps none is as disruptive as the cyber war between the United States and Russia simmering largely under the radar. Last March, with the coronavirus spreading uncontrollably across the United States, Russian cyber soldiers released their own contagion by sabotaging a tiny piece of computer code buried in a popular piece of software called ‘SolarWinds.’”

CNET: Russia blamed for SolarWinds hack in joint FBI, NSA and CISA statement

CNET: Russia blamed for SolarWinds hack in joint FBI, NSA and CISA statement. “Key government intelligence agencies said Tuesday that the SolarWinds hack is ‘likely Russian in origin,’ according to a joint statement from the FBI, NSA, Cybersecurity and Infrastructure Security Agency and Office of the Director of National Intelligence. It’s the first time the four agencies have attributed the cyber attack to Russia.”

Associated Press: Hacked networks will need to be burned ‘down to the ground’

Associated Press: Hacked networks will need to be burned ‘down to the ground’. “Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into U.S. agencies and was among the victims, has already tallied dozens of casualties. It’s racing to identify more.”

Washington Post: The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it.

Washington Post: The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it. “When Russian hackers first slipped their digital Trojan horses into federal government computer systems, probably sometime in the spring, they sat dormant for days, doing nothing but hiding. Then the malicious code sprang into action and began communicating with the outside world…. Why then, when computer networks at the State Department and other federal agencies started signaling to Russian servers, did nobody in the U.S. government notice that something odd was afoot? The answer is part Russian skill, part federal government blind spot.”

US Cyber Command: US and Australia sign first-ever cyber agreement to develop virtual training range

US Cyber Command: US and Australia sign first-ever cyber agreement to develop virtual training range. “As part of the Dept. of Defense’s efforts to sharpen lethality, reform business practices, and strengthen partnerships in cyberspace, the United States and Australia have launched a first-ever agreement to continuously develop a virtual cyber training range together. Both nations recently signed a Cyber Training Capabilities Project Arrangement, Nov. 3 – this bi-lateral, international agreement enables U.S. Cyber Command to incorporate Australian Defence Force feedback into USCYBERCOM’s simulated training domain, the Persistent Cyber Training Environment.”

The Register: Singapore to treat infosec as equivalent public good to fresh running water

The Register: Singapore to treat infosec as equivalent public good to fresh running water. “The deputy chief executive of Singapore’s Cyber Security Agency, Brigadier General Gaurav Keerthi, says the island nation now considers providing a secure environment to citizens and businesses the equivalent of providing fresh water and sewerage services, and will next week improve digital hygiene with a voluntary scheme that will rate the security of consumer broadband gateways.”

UPI: Navy’s fifth annual cybersecurity event goes online

UPI: Navy’s fifth annual cybersecurity event goes online. “The second and third tracks will take place in March, but the first track — which has three phases — takes place this week and is free and open to the public. During the first phase, contestants will analyze traffic captured from maritime navigation electronics and identify the network’s sensors and devices. New members will be trained to understand the data and begin to apply their own creative solutions as they work alongside teammates.”