It’s going to take months to kick elite hackers widely believed to be Russian out of the U.S. government networks they have been quietly rifling through since as far back as March in Washington’s worst cyberespionage failure on record.
Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into U.S. agencies and was among the victims, has already tallied dozens of casualties. It’s racing to identify more.
“We have a serious problem. We don’t know what networks they are in, how deep they are, what access they have, what tools they left,” said Bruce Schneier, a prominent security expert and Harvard fellow.
It’s not clear exactly what the hackers were seeking, but experts say it could include nuclear secrets, blueprints for advanced weaponry, COVID-19 vaccine-related research and information for dossiers on key government and industry leaders.
Many federal workers — and others in the private sector — must presume that unclassified networks are teeming with spies. Agencies will be more inclined to conduct sensitive government business on Signal, WhatsApp and other encrypted smartphone apps.
“We should buckle up. This will be a long ride,” said Dmitri Alperovitch, co-founder and former chief technical officer of the leading cybersecurity firm CrowdStrike. “Cleanup is just phase one.”
The only way to be sure a network is clean is “to burn it down to the ground and rebuild it,” Schneier said.
Imagine a computer network as a mansion you inhabit, and you are certain a serial killer has been there. “You don’t know if he’s gone. How do you get work done? You kind of just hope for the best,” he said.
Deputy White House press secretary Brian Morgenstern told reporters Friday that national security adviser Robert O’Brien has sometimes been leading multiple daily meetings with the FBI, the Department of Homeland Security and the intelligence community, looking for ways to mitigate the hack.
He would not provide details, “but rest assured we have the best and brightest working hard on it each and every single day.”
The Democratic chairs of four House committees given classified briefings on the hack by the Trump administration issued a statement complaining that they “were left with more questions than answers.”
“Administration officials were unwilling to share the full scope of the breach and identities of the victims,” they said.
Morgenstern said earlier that disclosing such details only helps U.S. adversaries. President Donald Trump has not commented publicly on the matter, but Secretary of State Mike Pompeo said on a conservative talk show Friday, “I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”
What makes this hacking campaign so extraordinary is its scale — 18,000 organizations were infected from March to June by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds.
Only a sliver of those infections were activated to allow hackers inside. FireEye says it has identified dozens of examples, all “high-value targets.” Microsoft, which has helped respond, says it has identified more than 40 government agencies, think tanks, government contractors, non-governmental organizations and technology companies infiltrated by the hackers, 75% in the United States.
Florida became the first state to acknowledge falling victim to a SolarWinds hack. Officials told The Associated Press on Friday that hackers apparently infiltrated the state’s health care administration agency and others.
SolarWinds’ customers include most Fortune 500 companies, and its U.S. government clients are rich with generals and spymasters.
The difficulty of extracting the suspected Russian hackers’ tool kits is exacerbated by the complexity of SolarWinds’ platform, which has dozens of different components.
“This is like doing heart surgery, to pull this out of a lot of environments,” said Edward Amoroso, CEO of TAG Cyber.
Security teams then have to assume that the patient is still sick with undetected so-called “secondary infections” and set up the cyber equivalent of closed-circuit monitoring to make sure the intruders are not still around, sneaking out internal emails and other sensitive data.
That effort will take months, Alperovitch said.
If the hackers are indeed from Russia’s SVR foreign intelligence agency, as experts believe, their resistance may be tenacious. When they hacked the White House, the Joint Chiefs of Staff and the State Department in 2014 and 2015 “it was a nightmare to get them out,” Alperovitch said.
“It was the virtual equivalent of hand-to-hand combat” as defenders sought to keep their footholds, “to stay buried deep inside” and move to other parts of the network where “they thought that they could remain for longer periods of time.”
“We’re likely going to face the same in this situation as well,” he added.
FireEye executive Charles Carmakal said the intruders are especially skilled at camouflaging their movements. Their software effectively does what a military spy often does in wartime — hide among the local population, then sneak out at night and strike.
“It’s really hard to catch some of these,” he said.
Rob Knake, the White House cybersecurity director from 2011 to 2015, said the harm to the most critical agencies in the U.S. government — defense and intelligence, chiefly — from the SolarWinds hacking campaign is going to be limited “as long as there is no evidence that the Russians breached classified networks.”
During the 2014-15 hack, “we lost access to unclassified networks but were able to move all operations to classified networks with minimal disruptions,” he said via email.
The Pentagon has said it has so far not detected any intrusions from the SolarWinds campaign in any of its networks — classified or unclassified.
Given the fierce tenor of cyberespionage — the U.S., Russia and China all have formidable offensive hacking teams and have been penetrating each other’s government networks for years — many American officials are wary of putting anything sensitive on government networks.
Fiona Hill, the top Russia expert at the National Security Council during much of the Trump administration, said she always presumed no government system was secure. She “tried from the beginning not to put anything down” in writing that was sensitive.
“But that makes it more difficult to do business.”
Amoroso, of TAG Cyber, recalled the famous pre-election dispute in 2016 over classified emails sent over a private server set up by Democratic presidential candidate Hillary Clinton when she was secretary of state. Clinton was investigated by the FBI in the matter, but no charges were brought.
“I used to make the joke that the reason the Russians didn’t have Hillary Clinton’s email is because she took it off the official State Department network,” Amoroso said.
Individuals linked to Russia and the French military used fake Facebook and Instagram accounts to wage a covert disinformation campaign in the Central African Republic ahead of elections there this month, Facebook announced this week.
Facebook said it took down hundreds of accounts and groups linked to France and Russia accused of “coordinated inauthentic behavior” in the CAR as well as other countries in Africa and the Middle East.
While accounts traced to Russia have been repeatedly accused of such activity, Facebook told The Associated Press this is the first time it has taken action against a network tied to individuals associated with a Western government. It has taken action against networks tied to political parties in the West in the past.
Facebook’s move came ahead of elections Dec. 27 in the Central African Republic, which Facebook identified as the main target of the disinformation, at a time when both France and Russia have been jockeying for influence in the region.
The company said its investigators traced the French accounts to “individuals associated with French military.” However, Nathaniel Gleicher, Facebook’s head of security policy, said in a statement that “we did not see evidence that the French military itself directed the activity.”
Graphika, a New York City social media analysis firm that investigated the accounts with Facebook, said it found no evidence of direct institutional involvement by the French government or military.
The French military said in a statement Thursday to The Associated Press that it “firmly condemns” such disinformation efforts and is working alongside the U.N. and European partners to bring peace to the CAR.
“We are examining the results (of the Facebook-Graphika investigation), but at this stage, we’re not able to confirm any responsibility. There are many stakeholders in this struggle, public and civilian, which makes it difficult to assess the situation clearly,” the statement said.
France was once the colonial power in the Central African Republic and nearby countries that Facebook also identified as being targeted. Russian companies also have growing interests in the region.
Facebook said it removed the networks for “violating our policy against foreign or government interference which is coordinated inauthentic behavior (CIB) on behalf of a foreign or government entity.”
Russian officials have not publicly commented.
Facebook said its investigation found links to individuals associated with Russia’s Internet Research Agency, a so-called troll farm accused of meddling in the 2016 U.S. election, and Russian businessman Yevgeny Prigozhin, who has ties to the Kremlin and has been indicted by the U.S. Justice Department. Prigozhin has repeatedly denied any connections to the troll farm and its activities.
The U.S. Treasury Department has sanctioned mining businesses and employees tied to Prigozhin in the Central African Republic and claims his business activities there are coordinated with the Russian government. In a statement published this week on Russian social networks in response to media queries, Prigozhin claimed that Facebook is a tool of U.S. intelligence agencies and “a group of oligarchs” serving to advance American interests around the world.
Facebook said it has taken down the network of accounts that tried to meddle in the Central African Republic, which were among almost 500 inauthentic Facebook and Instagram accounts, pages and groups that targeted users in several African and Middle Eastern nations with posts about COVID-19, politics or the military.
“While we’ve seen influence operations target the same regions in the past, this was the first time our team found two campaigns — from France and Russia — actively engage with one another,” Facebook said in its report on the networks.
In the Central African Republic, the dueling French and Russian troll operations tried to counter one another with Facebook posts, and at some points tried to expose the other, according to a report by Graphika.
The Russian operation, primarily conducted in French, posted pro-Kremlin videos and applauded the Central African Republic’s incumbent President Faustin-Archange Touadéra, according to Graphika.
The French operation, meanwhile, strayed away from talking about upcoming elections in posts. It began as early as May 2018, focusing on the Central African Republic and security in Mali.
One Russian page that promoted Touadéra had 50,000 followers. Meanwhile, the largest following a French group amassed in the Central African Republic was 34 followers.
“Facebook’s takedown marks a rare exposure of rival operations from two different countries going head to head for influence over a third country,” Graphika said in a statement.
Chinese ground crews are standing by for the return of a lunar probe bringing back the first fresh samples of rock and debris from the moon in more than 45 years.
The Chang’e probe is expected to land in the Siziwang district of the vast Inner Mongolia region late Wednesday or early Thursday.
It fired its engines early Wednesday to put it on course before the orbiter separates from the return vehicle, with all systems functioning as expected, the China National Space Administration said.
Recovery of the return vehicle will be complicated by its small size, darkness and heavy snow, state media reported.
Plans call for it to perform an initial bounce off the Earth’s atmosphere to reduce its speed before passing through and floating down on parachutes, making it difficult to precisely calculate where it will land, the official Xinhua News Agency quoted Bian Hancheng, a leader of the recovery crew, as saying.
State broadcaster CCTV showed four military helicopters standing by Wednesday morning at a base on the snow-covered grasslands. Crews in vehicles on the ground will also seek to home in on signals. While sprawling in size, the area is relatively familiar because of its use as a landing site for China’s Shenzhou crewed spaceships.
Chang'e 5 set down on the moon on Dec. 1 and collected about 2 kilograms (4.4 pounds) of samples by scooping them from the surface, and by drilling 2 meters (about 6 feet) into the moon’s crust. The samples were deposited in a sealed container that was carried back to the return module by an ascent vehicle.
Flying a Chinese flag, the lander ceased functioning soon after it was used as a launching pad for the ascender, which was ejected from the orbiter after transferring the samples and came to rest on the moon’s surface.
The spacecraft’s return will mark the first time scientists have obtained fresh samples of lunar rocks since the former Soviet Union’s Luna 24 robot probe in 1976.
Chang’e 5 blasted off from a launch base in China's southern island province of Hainan on Nov. 23 on a mission expected to last 23 days.
It marks China’s third successful lunar landing but the only one to lift off again from the moon. Its predecessor, Chang’e 4, became the first probe to land on the moon’s little-explored far side and continues to send back data on conditions that could affect a future extended stay by humans on the moon.
The moon has been a particular focus of the Chinese space program, which says it plans to land humans there and possibly construct a permanent base. No timeline or other details have been announced.
Gamers probably had one of the easiest times settling into lockdown this year when the pandemic first began. With many struggling to find ways to kill time, gamers were spoilt for choice with new title releases and a surge of online activity for any player vs player (PVP) content. The epidemic has not been completely resolved yet, and there is still the possibility for any country to go back into lockdown. Whether that happens or not, getting your hands on the best gaming PCs of 2020 will secure the optimal gaming experience.
Alienware Aurora Ryzen Edition R10
If you’re looking for a benchmark that indicates the standard for respectable specs to get for a computer, the Alienware Aurora Ryzen Edition R10 is where you’d want to set your sights. In terms of graphics, the product boasts an AMD Radeon RX 560 with NVIDIA GeForce RTX 2080 Ti graphics card. It is true that the RTX 3080 takes the spot as one of the best graphics cards ever made, but the former does more than enough to keep up with the highest display settings in most games.
This beast of a computer also has storage of 1TB 7200RPM SATA which is a sizable amount of memory (even for Call of Duty). Its aesthetic is compact and simple, offering a sci-fi vibe that looks more like a gaming console than anything else. It is small and affordable, but be prepared to face extra costs if you want to replace certain parts of this unit to max out your specs.
MSI Trident 3 10th
Probably the most unorthodox design on this list, the MSI Trident 3 10th goes the other way when it comes to concerns over desktop space constraints. This model is possibly one of the smallest units ever created, easily mistaken for a console or even a router. Despite being tiny in stature, this model hits hard with its MSI GeForce RTX 2060 graphics card and 64 DDR4 2666MHz RAM.
The model has most of its ports front-facing and it can get a little untidy if you aim to attach multiple devices, but does make things more convenient. In terms of performance, MSI Trident can hold up with the better half of options in the market, but may suffer frame rate issues if faced with Warzone or other graphically demanding games. Not considering the game exceptions, this computer has it all: performance, ease-of-use, convenience and a healthy price tag.
HP Omen Obelisk
The HP Omen Obelisk puts theatrics aside and showcases the power of a classic but contemporary gaming PC setup. Its glass side window can open at the press of a button, revealing its 9.5 inch MicroATX motherboard and Core i9-9900K processor. Like the Alienware Aurora Ryzen, this HP desktop also sports an RTX 2080Ti graphics card and 1TB of storage. With such easy access to the desktop’s components, this model is extremely customisable and perfect for DIY enthusiasts.
Despite its familiar aesthetic, the HP Omen is more compact than its predecessors, measuring 17.1 x 14.1 inches and fitting comfortably on most gaming desks. Overall, the HP Omen has been around since late 2019, but still houses cutting-edge technology that competes with even newer gaming PCs. If you are keen to begin customising various components of a PC without building it from scratch, this model should be your top choice.
Youth-favorite smartphone brand realme has recently announced its designer toy, realmeow, as its Chief Trendsetting Officer to democratize trendsetting culture and showcase the diversified personality of Gen-Z.
As the first designer toy launched by a tech company, realmeow is the combination of both high-tech and trendsetting design, said a press release.
realmeow, co-designed by Mark A Walsh, a world-famous animator, is bold and represents the spirit of ‘Dare to Leap’.
Walsh is the Directing Animator of Pixar’s Finding Nemo and Character Developer of Pixar’s Monsters, Inc.
He said, “Characters start with passion. Defining their passion, and the obstacles they must overcome to achieve that passion, is what makes a great personality and identifiable character.” Thus, he joined realme Design Studio as the Creative Consultant to create the trendsetting realmeow, who is also independent, fearless, and agile.
As a tech trendsetter brand, realme is committed to bringing the latest trends into the tech industry, integrating trendsetting culture and high tech.
Mark and realme believe it should showcase the culture favored by the young. Therefore, realmeow is inspired by street culture; but to make it more aesthetic and vivid, they added some elements from painting and sculpture.
Mark and realme created realmeow, inspired by a cat with mysterious powers from a trendsetting planet. With yellow as the main color of its body, the designer toy always wears a pair of black Lazer Glasses. The glasses can transform any object with just a glance, making it sharp with attitude and explosive with energy.
As a designer toy, realmeow is always 18, and although it looks cold with its laser glasses, it is cute and believes that happiness is the most important part of one’s life. It likes fried chicken, pizza, skating and hip-hop dance, and always swings with rap songs like all the youngsters.
As a Tech Trendsetter, realme is committed to bringing the latest trends into the tech industry to meet young people’s demand both for trendsetting design and leap-forward technology.
In the future, realme will launch customized smartphones and AIoT products based on realmeow to build an all-connected, trendsetting smart life.
realmeow is delivering the pursuit of the young for trends and unique personality, fashion and quality. With the designer toy, realme will make all efforts to explore trendsetting culture with the young. realme has also launched limited gift packages of realmeow to celebrate the new year with the young generation worldwide.