Isaiah Alonzo, Tech Times

The United States Treasury and the National Telecommunications and Informations Administration (NTIA) have been targetted by Russian state-backed hackers for several months now, taking e-mails and other sensitive materials. The country's agencies are now on high alert and have convened a meeting with the National Security Council (NSC) for the issues.

Russians are at it again, and this time, two different and far-apart agencies are their targets, with the US Treasury and NTIA being the victims of the said attack. There is no telling what the Russian hackers' purpose is for targetting the agencies, but it is said that this threat is not something to belittle.

Reuters cyber reporter Chris Bing said on Twitter (@Bing_Chris) that e-mails were taken from both agencies by the "highly sophisticated" hackers from the US Treasury and NTIA, with other agencies of the US Government included. The other victims have yet to be identified, but the hack used the same technique, which breached the initial two.

According to Reuters, the said attacks were happening for several months now, having been undetected by cyber experts and enlisted the National Security Council's help because of the case's severity. Moreover, an Austin, Texas-based company known as SolarWinds is suspected of having been the way hackers got into US servers and government agencies.

The company's customers include Fortune 500 companies and the five branches of the US Military. Moreover, the company also services the country's top telecommunication sources, the National Security Agency (NSA), State Department, and the President of the United States' office (POTUS). SolarWinds have given no comments regarding the issue whatsoever.

Read Also: US Schools Buy 'Cellebrite' -Same Hacking Device that FBI Uses! For What?

US Treasury Hacked: APT29 'Cozy Bear' Breached US Servers and Agencies

Sources familiar with the matter have pinpointed the Russians behind the attack that has been on-going for several months until the present. The hack is somehow similar to the recent breach of FireEye, a known cybersecurity firm in the country that showed the same attack.

According to End Gadget, the Russians have used APT29 or the advanced persistent threat believed to be connected to Russia's intelligence agency. A White House meeting last December 12 invited the NSC to deal with the matter, to which it said that they are "taking the necessary steps" to address the problems.

The "Cozy Bear" system has been affiliated with earlier Russian hacking APT called the "Fancy Bear," which is one of the most dangerous threats known in the cyber industry.

 

Russian State-backed Hack: What Are They Trying to Get?

The US Treasury, NTIA, and the NSC have all confirmed that e-mails were taken from them but have not revealed which e-mails were explicitly targeted. However, the agencies have said that these were important and highly-classified.

The Russian hackers are known to have an attempt to take the COVID-19's vaccine research in the past months since the first US companies and agencies have worked together in response to the virus.

Related Article: Security Experts Warn Users That Hackers Are Calling Victims to Increase Pressure, Here's What You Need to Do

This article is owned by Tech Times


Written by Isaiah Alonzo

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags: US Treasury NTIA Russia Russian Hackers Russia APT 29 Russia Hackers National Security Council US Treasury Hack 2020 NTIA Hack 2020 US Treasury Russian Hack Russia Cozy Bear Cozy Bear Cozy Bear APT29 APT29 APT 29 Cozy Bear US Treasury Email Hack COVID-19 COVID-19 Vaccine formula Hack
Join the Discussion