What is “Sunburst”? A look into the Most Serious Cyberattack in American History – E Hacking News
A number of organisations have been attacked in what has been chronicled as one of the most severe acts of cyber-espionage in history, named “Sunburst”. The attackers breached the US Treasury, the departments of homeland security, state and defence, and the National Nuclear Security Administration (NNSA), the part of the Department of Energy responsible for safeguarding national security via the military application of nuclear science. While 4 out of 5 victims were US organisations, other targets include the UK, the UAE, Mexico, Canada, Spain, Belgium, and Israel.
FireEye classified the attack as being ‘highly sophisticated and customized’; on the basis of his 25 years of experience in cybersecurity, Mandia concluded that FireEye has been attacked by a nation with world-class offensive capabilities.
Gauging the scale of the attack, the US Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) described the security incident as a “serious threat”, while others, requesting anonymity, labelled it “the most serious hacking incident in the United States’ history”. The attack is ongoing and the number of affected organisations and nations will unquestionably rise. The espionage has been called “unusual”, even in this digital age.
As experts were assessing how the perpetrator managed to bypass the defences of a networking software company like SolarWinds, Rick Holland came up with a theory: “We do know that SolarWinds, in their filing to the Security and Exchange Commission this week, alluded to Microsoft, which makes me think that the initial access into the SolarWinds environment was through a phishing email. So someone clicked on something they thought was benign – turned out it was not benign.”
Meanwhile, certain US government officials have alleged that Russia is behind these supply chain attacks, while Russia has constantly denied the allegations. The Russian Embassy wrote on Facebook, “Malicious activities in the information space contradict the principles of the Russian foreign policy, national interests and our understanding of interstate relations.”
“Russia does not conduct offensive operations in the cyber domain,” the embassy added in its post to the US.