US Think Tank Struck by Cyberattack

 

The Heritage Foundation, a prominent conservative think tank based in Washington, DC, revealed on Friday that it had fallen victim to a cyberattack earlier in the week. The organization was still working to mitigate the attack's effects and remained uncertain whether any data had been breached.

Although the exact extent of the breach remained unclear, the foundation took proactive measures by temporarily shutting down its network to prevent further infiltration while launching an investigation into the incident.

Initial reports of the cyberattack surfaced through Politico, citing a Heritage official who speculated that the perpetrators behind the attack could be nation-state hackers. However, no concrete evidence was provided to substantiate this claim. Despite inquiries, Heritage spokesperson Noah Weinrich refrained from offering comments, both on Thursday via email and when approached by TechCrunch on Friday.

Founded in 1973, the Heritage Foundation has emerged as a significant force in conservative advocacy and policymaking, exerting considerable influence within Republican circles. Yet its prominence also makes it a prime target for cyber threats: think tanks are often lucrative targets for cyber espionage because of their close ties to government entities and policymaking processes.

This incident marks another instance in which Heritage has faced cyber adversity, reminiscent of a 2015 attack that resulted in the unauthorized access and theft of internal emails and sensitive donor information.

Foiled Attempt to Hack Supply Chain Sparks Concerns in Washington DC

 

An attempted sabotage of a widely used software tool has sparked concerns in Washington, D.C. about the vulnerability of the open-source supply chain and the potential involvement of foreign nation-states in covert operations.

Andres Freund, a software engineer at Microsoft, uncovered hidden malicious code within two versions of a popular open-source data compression tool on Friday, March 29. These compromised versions had already been incorporated into two editions of the widely used Linux operating system. The discovery set off urgent efforts by security experts and government agencies to prevent the compromised versions of the tool, known as Xz, from being exploited for spying or cyberattacks against Linux users. The U.S. government's primary civilian cybersecurity agency, CISA, promptly issued guidance on addressing the issue.

Swift actions and the targeted nature of the exploit likely averted widespread damage from the hack. Nevertheless, the incident has rattled the cybersecurity community, both for its execution and its implications.

A GitHub user named Jia Tan, whose identity remains uncertain, spent approximately two years establishing credibility within the developer community before exploiting that trust to gain control of Xz. This manipulation of trust even garnered support from at least five other GitHub users who endorsed Jia Tan's reliability, according to Marc Rogers, a cybersecurity researcher investigating the incident.

This kind of human-enabled digital espionage is unprecedented in the realm of open source, noted Anjana Rajan, an official at the White House Office of the National Cyber Director. The involvement of nation-states is suspected, although agencies like the FBI and NSA have not confirmed any investigations. Former government cyber experts are convinced that inquiries are underway.

The incident has prompted a reassessment of open-source code security. Despite being vital to the digital economy, open-source software is often maintained by a single volunteer, making it susceptible to exploitation. There are indications that Xz may have been targeted because its previous developer expressed frustration with their workload.

There is a growing consensus that measures must be taken to safeguard open-source code. Many projects rely on individuals who maintain them without recognition or reward, leaving them vulnerable to attacks like this one, observed Rogers.