National: Federal investigators find evidence of previously unknown tactics used to penetrate government networks | Craig Timberg and Ellen Nakashima/The Washington Post
Federal investigators reported Thursday on evidence of previously unknown tactics for penetrating government computer networks, a development that underscores the disastrous reach of Russia’s recent intrusions and the logistical nightmare facing federal officials trying to purge intruders from key systems.

For days it has been clear that compromised software patches distributed by a Texas-based company, SolarWinds, were central to Russian efforts to gain access into U.S. government computer systems. But Thursday’s alert from the Cybersecurity and Infrastructure Agency at the Department of Homeland Security said evidence suggested there was other malware used to initiate what the alert described as “a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”

While many details remained unclear, the revelation about new modes of attack raises fresh questions about the access that Russian hackers were able to gain in government and corporate systems worldwide. “This adversary has demonstrated an ability to exploit software supply chains and shown significant knowledge of Windows networks,” the alert said. “It is likely that the adversary has additional initial access vectors and tactics, techniques, and procedures (TTPs) that have not yet been discovered.”
Full Article: Federal investigators find evidence of previously unknown tactics used to penetrate government networks – The Washington Post