(RepublicanInformer.com)- According to findings from the security firm Palo Alto Networks, in a series of cyberattacks that began September 17 and continued through early October, foreign hackers are suspected to have breached nine organizations in the defense, energy, healthcare, technology, and education sectors – at least one of those organizations is located in the United States.
The National Security Agency, along with cybersecurity researchers have exposed an ongoing effort by these hackers to steal key data from US defense contractors and other sensitive targets. NSA officials, along with officials from the US Cybersecurity and Infrastructure Security Agency (CISA) are tracking the threat.
In these particular cyberattacks, hackers stole passwords from targeted organizations in hopes of maintaining long-term access to their networks. With the passwords, hackers would be well-placed to intercept sensitive data stored on systems or sent over email.
Calling the nine confirmed victims “the tip of the spear,” Palo Alto Networks executive Ryan Olson said he expects additional victims to emerge. While the hackers have not been identified, Olson told CNN that the tools and tactics used are similar to those used by a suspected hacking group out of China. Neither the NSA nor the CISA would comment on the hackers’ possible identity.
According to Palo Alto Networks, the attackers are exploiting vulnerabilities in the software corporations use to manage their network passwords. In September, the CISA and the FBI warned the public that hackers were exploiting this software flaw and urged them to update their systems. Just days later the hackers tracked by Palo Alto Networks scanned 370 computer servers in the United States which run the software in question.
Olson suggested organizations that use Zoho software update their systems and run a search for any signs of a breach.
Federal officials are citing the rapid response in identifying this particular system breach as an example of the successful relationship between the government’s national security apparatus and private cybersecurity firms.
According to Morgan Adamski, director of the NSA’s Cybersecurity Collaboration Center, the revelation of the hacking activity shows that the NSA is “delivering real-time impact to our partners and the defense of the nation.”
