Could the US be attacked successfully?

Cyber ​​attack against the USA - Hacker attack in the USA: The enemy is reading too

Jump to content
  1. News
  2. International
  3. Current article
content

In the United States, key government agencies were hacked. But companies all over the world are also affected, including Switzerland.

A hack with particular implications: As the "New York Times" and the "Washington Post" report, several federal agencies in the USA have been attacked by hackers for months. The White House has confirmed corresponding media reports. Companies and authorities around the world are also affected.

US Agencies Affected

Open the box Close the box

In the US, the Treasury, the Commerce Department and the Telecommunications Authority are said to have been infected. Of the more than 300,000 customers of Solar Winds, around 18,000 had downloaded the malicious software. What is explosive is that the Department of Homeland Security, the US Department of Homeland Security, was also affected. This had to guarantee, among other things, that everything went with the right things in the November elections. The Department of Justice and the Pentagon also downloaded the infected software.

Clever action by the hackers: “The hackers were able to infect software from a company that works with companies and authorities around the world,” explains Jürg Tschirren, SRF digital editor. The Orion software from Solar Winds is used to manage large computer networks. The hackers succeeded in installing a back door in this software, which was then automatically delivered to thousands of customers with an update.

Access to almost everything within the networks: It is not yet known exactly what information the hackers were actually able to gain, but - according to Jürg Tschirren - "They could probably read e-mails, copy data, switch off virus scanners and create new, supposedly secure user accounts." The potential damage is huge. The hackers would not have paralyzed the systems, encrypted any data or demanded a ransom. «There don't seem to be any criminal motives behind it. The assumption is that it is a matter of espionage », says Tschirren.

US media see Russians as authors: As the Washington Post reports, hackers with connections to the Russian secret service SWR are responsible for the attacks. Kremlin spokesman Dmitry Peskov said Russia had nothing to do with it. "Even if the Americans could not do anything about it for many months, one should not immediately accuse the Russians of everything for nothing." He recalled the proposal by Russian President Vladimir Putin to work more closely with the US on cybersecurity.

It could have been someone else: Regarding the allegations against the Russians, SRF-Digital editor Tschirren says: "When secret services carry out hacker attacks, they are usually interested in that the attack is not attributed to them, but to other bodies." But the Russian secret service was not targeted by chance, because in the past it had repeatedly come under suspicion of being behind hacker attacks on US targets. Furthermore, not many states have enough knowledge to carry out such a sophisticated attack, but Russia does.

Switzerland is also affected: The Inside-IT website reports that around 30 Swiss companies are also among the customers of Solar Winds. However, it is not clear how many of the companies actually use the Solar Winds Orion software and how many of these companies have downloaded the malware-infected update.

Echo of the time from 16.12. 2020, 6 p.m. tscj / lin / srf / agencies;

  1. News
  2. International
  3. Current article
Shut down

Always well informed!

Receive all news highlights directly via browser push and always stay up to date. More

Push notifications are brief messages on your screen with the most important messages - regardless of whether srf.ch is currently open or not. If you click on one of the notes, you will be taken to the corresponding article. You can deactivate these notifications at any time. Fewer

Activate push notifications

You have already hidden this notice about activating browser push notifications several times. Do you want to hide this notice permanently or be reminded of it again in a few weeks?

Most read articles

Scroll left Scroll right

Social login

For the registration we need additional information about yourself.

{* #socialRegistrationForm *} {* firstName *} {* lastName *} {* emailAddress *} {* displayName *} {* mobile *} {* addressCity *} {* / socialRegistrationForm *}

Welcome back

Please log in to enter a comment.

{* loginWidget *} Use a different account

Login and register


Log In

{* #signInForm *} {* signInEmailAddress *} {* currentPassword *} Forgot your password? {* / signInForm *}

Simply log in with your social media account or your Apple ID

{* loginWidget *}

Create a new password

Enter the email address of your user account. We will then send you a link that you can use to create a new password.

{* #forgotPasswordForm *} {* signInEmailAddress *} {* / forgotPasswordForm *}

Create a new password

You will shortly receive an email with a link to renew your password.

Didn't get a message?

If you have not received an e-mail after 10 minutes, please check your SPAM folder and the details of your e-mail address.

Welcome back

Please log in to enter a comment.

{* #signInForm *} {* signInEmailAddress *} {* currentPassword *} Forgot your password? {* / signInForm *} Use a different account

Technical error

Oh oops! A technical issue occured. Please try again later or contact our customer service.

Confirm mobile number

So that you can enter a comment, we ask you to confirm your mobile number. We will send you an SMS code to the mobile number.

There has been an error. Please try again or contact our customer service.

Too many codes have already been requested for the mobile number. The function is blocked to prevent misuse.

Too many attempts. Please request a new code or contact our customer service.

Change mobile number

Too many attempts. Please request a new code or contact our customer service.

This mobile number is already in use. Please change your mobile number or contact our customer service.

Change mobile number

The maximum number of codes for the specified number has been reached. No more codes can be created.

Confirm email address

We have sent you an email at the address {* emailAddressData *} Posted. Please check your e-mail inbox and confirm your account using the activation link you received.

Didn't get a message?

If you have not received an e-mail after 10 minutes, please check your SPAM folder and the details of your e-mail address.

Adjust user data

{* resendLink *}

Register and login


to register

With an SRF account, you have the option of entering comments on our website and in the SRF app.

{* #registrationForm *} {* firstName *} {* lastName *} {* emailAddress *} {* displayName *} {* mobile *} {* addressCity *} {* newPassword *} {* newPasswordConfirm *} {* / registrationForm *}

Confirm email address

We have sent you an email at the address {* emailAddressData *} Posted. Please check your e-mail inbox and confirm your account using the activation link you received.

Didn't get a message?

If you have not received an e-mail after 10 minutes, please check your SPAM folder and the details of your e-mail address.

Adjust user data

{* resendLink *}

Your activation email has been sent

Please check your e-mail inbox. The activation email has been sent.

Verified email address

Thank you for verifying your email address.

user account

In this view you can manage your user data.

{* savedProfileMessage *} {* / editProfileForm *}

Change Password

Deactivate account

User data saved successfully

You can view your data at any time in your user account.


Adjust user data

Change Password

Define a new password for your account {* emailAddressData *}.

{* #changePasswordForm *} {* currentPassword *} {* newPassword *} {* newPasswordConfirm *} {* / changePasswordForm *}

Create a new password

Define a new password for your account.

{* #changePasswordFormNoAuth *} {* newPassword *} {* newPasswordConfirm *} {* / changePasswordFormNoAuth *}

Password saved successfully

You can now log in to the article with your new password.

Create a new password

We did not recognize the code to reset the password. Please re-enter your email address so that we can send you a new link.

{* #resetPasswordForm *} {* signInEmailAddress *} {* / resetPasswordForm *}

Create a new password

You will shortly receive an email with a link to renew your password.

Didn't get a message?

If you have not received an e-mail after 10 minutes, please check your SPAM folder and the details of your e-mail address.

Deactivate account

Your account will be deactivated and you will not be able to reactivate it. Recorded comments are not deleted.

Do you really want to deactivate your account?

{* deactivateAccountForm *} {* / deactivateAccountForm *}

Account deactivated

Your account has been deactivated and can no longer be used.
If you would like to register again for the comment function, please contact SRF customer service.

  • Comment from René Baron (René Baron)
    The tragic thing is that Americans always have to notice until everyone else checks that they have a problem ...
    Agree agree to the comment
  • Comment from Remo Kucera (Remo Kucera)
    But ... But ... But ... But isn't the Internet that safe? They swear that to us every day! Even young people and politicians like to say that the Internet is THE future and a secure one at that.
    But hey, at least 11,000 Swiss passport data was not published as it was recently.
    Agree agree to the comment
    1. answer from Philipp Christians (pchr)
      Hihi, irony. Funny.
      As long as people are involved, the technology underneath can still be so secure, there is always the possibility that the user will make a mistake (e.g. simple / missing password). Or the developers of the tools.
      And: smoke signals, telegrams, carrier pigeons, letters or whispering in the ear is also super safe and almost as fast and practical as the internet, nödwahr.
      Agree agree to the comment
    2. Show answers
  • Comment from Urs Schneider ()
    Apparently SolarWinds accidentally published an FTP password (solarwinds123) on Github (TheRegister). The same password was used on the update server. In underground forums, access to SolarWinds was probably available for sale from several providers (Reuters).
    Who broke in doesn't really matter. Today you point to Russia, tomorrow to North Korea. Companies and states must learn to better secure infrastructure instead of expanding offensive capabilities.
    Agree agree to the comment

Footer


Metanavigation