Skip to content
Connect
Stories

What are the Russian hackers searching for this time?

People in this story

Photo by Matthew Modoono/Northeastern University
Scenes at the Colosseum which is operated by the Institute for the Wireless Internet of Things (W-IoT) at Northeastern University, and housed at the Northeastern Innovation Campus in Burlington, Massachusetts on Nov. 11, 2020.

The depth of the latest Russian hack into the e-mail systems of the Treasury Department, State Department, and other U.S. government agencies is stunning, but the strategy of manipulating a third party to infiltrate computer networks is not, according to Engin Kirda, a professor of computer science at Northeastern who studies computer security.

“It highlights the problem of I.T. outsourcing and also relying on other people’s software to manage your networks,” says Kirda, who holds joint appointments in Northeastern’s Khoury College of Computer Sciences and College of Engineering. “Outsourcing and having professional management software is great, but then your security also depends on their security. If they fail, the implications of this failure might affect thousands of organizations.”

The hackers are believed to have injected malicious code earlier this year into the software updates of SolarWinds, a Texas company that helps manage computer networks for virtually all of the Fortune 500 companies and a wide variety of government clients—including Los Alamos National Laboratory, a designer of U.S. nuclear weapons.

The coordinated attack, which appears to have been waged on a number of fronts, was far more sophisticated than the typical spear-phishing campaigns that trick users into accessing links that appear to be authentic.

Though 18,000 users unwittingly downloaded the updates with the embedded Russian code, the hacks focused mainly on “the highest-value targets,” according to FireEye, a private cybersecurity firm that discovered the attacks. (FireEye itself was targeted and compromised as well.) The precise goals of the hackers, who are thought to represent the Russian intelligence agency S.V.R., remain unknown.

Continue reading at News@Northeastern.

More Stories

Hundreds of people stage a demonstration against Xi Jinping's zero-Covid policy at Liangmaqiao district in Beijing, China on Nov. 27, 2022. The Chinese government has faced unprecedented dissent protests in several cities, including Urumqi, Shanghai, and Beijing.

Mass protests may ease covid restrictions in China but won’t lead to any democratic freedoms, Northeastern experts say

12.02.2022
CHEROKEE, NC - MAY 11: A Native American poses for pictures along the highway on May 11, 2018 in Cherokee, North Carolina. Located near the entrance to Great Smoky Mountains National Park on the North Carolina side of the Appalachian Mountains, and at the southern end of the Blue Ridge Parkway, the region is home to the Cherokee Nation band of Indians.

Words—and tribal location—matter to citizen of Cherokee Nation

11.30.2022
A general view of the Federal Emergency Management Agency (FEMA) headquarters, in Washington, D.C., on Monday, September 19, 2022.

The Department of Homeland Security, ‘not set up for success,’ navigates rocky 20 years. How are things today?

12.02.22
News@Northeastern