This will continue until America is either crippled beyond repair, or until America decides to abandon its “patch and pray” reactive measures that do almost nothing against future threats, and become proactive.
Government and private networks hit by sophisticated cyber espionage
Foreign government hackers are continuing to target U.S. government and private sector computer networks in sophisticated cyber attacks, the FBI warned in an alert sent this week.
“Advanced Persistent Threat (APT) cyber actors continue to target sensitive information stored on U.S. commercial and government networks through cyber espionage,” the FBI said in the May 11 notice.
The term “APT actor” is a euphemism for state-sponsored or highly sophisticated cyber attackers, usually involving connections to foreign militaries or intelligence services.
Two cyber security researchers who examined the FBI notice listing details of the cyber attacks said the tactics appeared similar to those used in the past by Chinese hackers, including the suspects behind the massive theft of records on 22 million federal workers from the Office of Personnel Management.
The FBI listed seven major Internet server software types hacked in the past year, including two Adobe ColdFusion security flaws. ColdFusion software is used with large databases.
Other attacks involved Apache Tomcat, JBoss, and Cacti, software used for remote data logging. Drupal servers used to operate a large number of websites around the world, including corporate and government sites, also were compromised. Joomla content-management software also was compromised, the FBI said.
A seventh compromise affected Oracle’s E-Business Suite software, used for customer management and supply-chain management.
State-sponsored hackers exploited vulnerabilities in all seven types of software, and “some of these vulnerabilities are also exploited by cyber criminals in addition to state-sponsored operators,” the FBI said.
Full article: FBI Warns Nation-State Cyber Attacks Are Continuing (Washington Free Beacon)