Placeholder Image

字幕表 動画を再生する

  • In December of 2020, a cybersecurity firm detected a cyber attack on an unprecedented scale.

  • Malicious software had been operating undetected for months,

  • possibly affecting as many as 18,000 organizations

  • including most U.S. federal government unclassified networks and more than 425 Fortune 500 companies.

  • More than a month after the breach was discovered, there are still a lot of things we don't know,

  • like how it happened, and what it's going to take to recover.

  • But before we get started, the reality is that there aren't a lot of facts out there at the moment,

  • but here's what we do know.

  • There are indicators that this is not just one guy sitting in his basement.

  • This hack is what's known as a supply chain attack,

  • where hackers get past their target's security using a trusted third party's software.

  • Supply chain attacks take considerable resources and time to pull off,

  • meaning they're usually the work of hackers backed by a nation-state.

  • While cyberwarfare and espionage is something many countries engage in,

  • one nation in particular has emerged as a likely suspect.

  • The U.S. has an ongoing contentious relationship with Russia in cyberspace.

  • Each country has access to the other's power grid,

  • and Russian intelligence is credited with breaking into the email servers of the White House,

  • State Department, and Joint Chiefs of Staff in 2014 and 2015.

  • So, when news of the latest intrusion broke, federal authorities and cybersecurity experts named Russia as the most likely culprit.

  • Russia, for its part, denies any involvement.

  • You may be wondering how the hackers managed to gain access to such a wide breadth of networks,

  • including those of the U.S. Departments of Treasury, Commerce, Energy, and State.

  • While multiple vendors that work with the U.S. government like Microsoft were attacked,

  • most of the affected networks we know about so far can be traced to a Texas-based company called SolarWinds.

  • SolarWinds provides network monitoring and management tools.

  • Its flagship software, called Orion, is used by over 33,000 companies.

  • SolarWinds was initially breached as far back as September 2019.

  • It's under the impression that hackers were able to target this trusted company

  • and install malware into an update of the Orion software that all of their clients unsuspectedly downloaded.

  • It's hard to grapple with just how massive a security breach this is,

  • partly because we still don't know the extent to which networks are compromised.

  • SolarWinds identified 18,000 networks that installed the update.

  • The breach went unnoticed for almost 9 months, giving the hackers lots of time to delete their initial entry points,

  • create new ones, and in some cases, take full control of networks.

  • Which networks they have access to and which ones they can fully control, we still don't know.

  • What they plan to use their access for is also a question mark,

  • but they've penetrated some networks so thoroughly they could potentially alter or delete data

  • and impersonate government officials.

  • Ridding the affected systems of malware is not as simple as deleting Orion.

  • Some experts are calling for entire networks to be rebuilt, which would be incredibly time consuming and costly.

  • That's because the current system used by the U.S. is a multibillion-dollar detection system called Einstein

  • that works to identify malware and potential attacks.

  • But Einstein had a flaw as it has been reported that its systems were not equipped to effectively identify new uses of already known code.

  • Therefore it allowed the new malicious code to pass undetected in the system.

  • So, automatic defenses like Einstein will have to be updated to patch blindspots the hackers exploited,

  • and teams of security professionals will have to supplement Einstein by scouring code themselves

  • to root out malware automated defenses miss.

  • It's going to take a long time and a lot of money to evict these bad actors.

  • With cyberwarfare and espionage paying out huge dividends compared to the cost of the operations,

  • expect cyberattacks to be a regular part of our future moving forward.

In December of 2020, a cybersecurity firm detected a cyber attack on an unprecedented scale.


動画の操作 ここで「動画」の調整と「字幕」の表示を設定することができます

B1 中級

The U.S. Was Hacked for MONTHS, Here’s What We Know So Far

  • 2 1
    林宜悉 に公開 2021 年 02 月 04 日