Those resellers help set up Microsoft software and often have broad access to clients’ systems, which Russia’s hackers could exploit on untold numbers of Microsoft customers. CrowdStrike, a security firm, confirmed last month that it was targeted, unsuccessfully, through a company that sells software on behalf of Microsoft. It has not said which products may have been compromised. 31 that its network was breached by the same intruders, and confirmed that they viewed the company’s source code. ![]() In the joint announcement, officials said they believed the Russian hackers stopped at 10 federal agencies, but an internal assessment by Amazon, which has been examining hackers’ tools, believe the total number of victims in government and the private sector could be upward of 250 organizations. SolarWinds has said that 18,000 customers downloaded its compromised software, but investigators believe Russia was judicious in which of those networks it gained access to, making it difficult to quickly assess the damage. The company said it had yet to confirm a definitive link between JetBrains and the breach and compromise of its own software. SolarWinds confirmed Wednesday that it used TeamCity software to assist with the development of its software and was investigating the software as part of its investigation. “If such an investigation is undertaken, the authorities can count on our full cooperation.” “We have not been contacted by any government or security agency regarding this matter, nor are we aware of being under any investigation,” Maxim Shafirov, the company’s chief executive, said in a post Wednesday. In a statement on its blog, JetBrains said it had not been contacted by government or security agencies. But the statement offered no details, and made no mention of the JetBrains software or the S.V.R., Russia’s most skilled intelligence agency. On Tuesday, the Office of the Director of National Intelligence, the F.B.I., the Department of Homeland Security and the National Security Agency issued a joint statement formally declaring that Russia was most likely the origin of the hacking. They are seeking to learn if it was a parallel way for Russia’s main intelligence agency to enter government and private systems, or whether it was the original avenue for Russian operatives to first infiltrate SolarWinds. Government officials are not certain how a potential compromise of the JetBrains software relates to the larger SolarWinds hacking. Separately, the Justice Department said that its email system had been compromised as part of the SolarWinds hacking, an announcement that expands the scope of the government computers that Russia was able to infiltrate. Because TeamCity is so widely deployed, experts said, it is imperative to determine whether its software contains a vulnerability, or if attackers exploited TeamCity customers via stolen passwords or gaps in unpatched, outdated software. JetBrains counts 79 of the Fortune 100 companies as its customers, including SolarWinds.By compromising TeamCity, or exploiting gaps in how customers use the tool, cybersecurity experts say the Russian hackers could have inconspicuously planted back doors in an untold number of JetBrains’ clients. ![]() TeamCity is a build management and continuous integration server offered by the Czech software development company. In a separate development, The New York Times, Reuters, and The Wall Street Journal reported intelligence bureaus are probing the possibility that JetBrains' TeamCity software distribution system was breached and "used as a pathway for hackers to insert back doors into the software of an untold number of technology companies." JetBrains denies involvement in SolarWinds hack ![]() The espionage campaign, which originated in March 2020, worked by delivering malicious code that piggybacked on SolarWinds network-management software to as many as 18,000 of its customers, although additional intrusive activity is believed to have been conducted only against select targets. The agencies described the entire SolarWinds operation as "an intelligence gathering effort." Built to meet the needs of today’s software teams, TeamCity Cloud applies all of JetBrains’ hard earned knowledge about the best development practices to continuous integration. The disclosure comes a day after the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA) issued a joint statement formally accusing an adversary "likely Russian in origin" for staging the SolarWinds hack.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |