Connect with us

Reuters

Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources

By Christopher Bing, Jack Stubbs, Raphael Satter and Joseph Menn

Published

on

WASHINGTON (Reuters) – Suspected Chinese hackers exploited a flaw in software made by SolarWinds Corp to help break into U.S. government computers last year, five people familiar with the matter told Reuters, marking a new twist in a sprawling cybersecurity breach that U.S. lawmakers have labeled a national security emergency.

Two people briefed on the case said FBI investigators recently found that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among the affected organizations, raising fears that data on thousands of government employees may have been compromised.

The software flaw exploited by the suspected Chinese group is separate from the one the United States has accused Russian government operatives of using to compromise up to 18,000 SolarWinds customers, including sensitive federal agencies, by hijacking the company’s Orion network monitoring software.

Security researchers have previously said a second group of hackers was abusing SolarWinds’ software at the same time as the alleged Russian hack, but the suspected connection to China and ensuing U.S. government breach have not been previously reported.

Reuters was not able to establish how many organizations were compromised by the suspected Chinese operation. The sources, who spoke on condition of anonymity to discuss ongoing investigations, said the attackers used computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies.

A USDA spokesman said in an email “USDA has notified all customers (including individuals and organizations) whose data has been affected by the SolarWinds Orion Code Compromise.”

In a follow-up statement after the story was published, a different USDA spokesman said the NFC was not hacked and that “there was no data breach related to Solar Winds” at the agency. He did not provide further explanation.

The Chinese foreign ministry said attributing cyberattacks was a “complex technical issue” and any allegations should be supported with evidence. “China resolutely opposes and combats any form of cyberattacks and cyber theft,” it said in a statement.

SolarWinds said it was aware of a single customer that was compromised by the second set of hackers but that it had “not found anything conclusive” to show who was responsible. The company added that the attackers did not gain access to its own internal systems and that it had released an update to fix the bug in December.

FILE PHOTO: SolarWinds Corp. banner hangs at the New York Stock Exchange (NYSE) on the IPO day of the company in New York, U.S., October 19, 2018. REUTERS/Brendan McDermid

In the case of the sole client it knew about, SolarWinds said the hackers only abused its software once inside the client’s network. SolarWinds did not say how the hackers first got in, except to say it was “in a way that was unrelated to SolarWinds.”

The FBI declined to comment.

Although the two espionage efforts overlap and both targeted the U.S. government, they were separate and distinctly different operations, according to four people who have investigated the attacks and outside experts who reviewed the code used by both sets of hackers.

While the alleged Russian hackers penetrated deep into SolarWinds network and hid a “back door” in Orion software updates which were then sent to customers, the suspected Chinese group exploited a separate bug in Orion’s code to help spread across networks they had already compromised, the sources said.

‘EXTREMELY SERIOUS BREACH’

The side-by-side missions show how hackers are focusing on weaknesses in obscure but essential software products that are widely used by major corporations and government agencies.

“Apparently SolarWinds was a high value target for more than one group,” said Jen Miller-Osborn, the deputy director of threat intelligence at Palo Alto Networks’ Unit42.

Former U.S. chief information security officer Gregory Touhill said separate groups of hackers targeting the same software product was not unusual. “It wouldn’t be the first time we’ve seen a nation-state actor surfing in behind someone else, it’s like ‘drafting’ in NASCAR,” he said, where one racing car gets an advantage by closely following another’s lead.

The connection between the second set of attacks on SolarWinds customers and suspected Chinese hackers was only discovered in recent weeks, according to security analysts investigating alongside the U.S. government.

Reuters could not determine what information the attackers were able to steal from the National Finance Center (NFC) or how deep they burrowed into its systems. But the potential impact could be “massive,” former U.S. government officials told Reuters.

The NFC is responsible for handling the payroll of multiple government agencies, including several involved in national security, such as the FBI, State Department, Homeland Security Department and Treasury Department, the former officials said.

Records held by the NFC include federal employee social security numbers, phone numbers and personal email addresses as well as banking information. On its website, the NFC says it “services more than 160 diverse agencies, providing payroll services to more than 600,000 Federal employees.”

“Depending on what data were compromised, this could be an extremely serious breach of security,” said Tom Warrick, a former senior official at the U.S Department of Homeland Security. “It could allow adversaries to know more about U.S. officials, improving their ability to collect intelligence.”

Reporting by Christopher Bing and Raphael Satter in Washington, Joseph Menn in San Francisco, and Jack Stubbs in London; Additional reporting by Brenda Goh in Shanghai; Editing by Jonathan Weber and Edward Tobin

for-phone-onlyfor-tablet-portrait-upfor-tablet-landscape-upfor-desktop-upfor-wide-desktop-up

Source: https://www.reuters.com/article/us-cyber-solarwinds-china/exclusive-suspected-chinese-hackers-used-solarwinds-bug-to-spy-on-u-s-payroll-agency-sources-idUSKBN2A22K8

exclusive:-suspected-chinese-hackers-used-solarwinds-bug-to-spy-on-u.s.-payroll-agency-–-sources

Reuters

Eco-friendly sneaker maker Allbirds aims for $2 bln valuation in U.S. IPO

Eco-friendly sneaker maker Allbirds Inc said on Monday it aims to be valued at over $2 billion in its New York IPO, joining a growing number of firms tapping into surging consumer demand and investor interest for such products.

Published

on

A sign on the entrance to the Allbirds flagship store is seen in Manhattan, New York City, U.S., September 7, 2021. REUTERS/Shannon Stapleton

Oct 25 (Reuters) – Eco-friendly sneaker maker Allbirds Inc said on Monday it aims to be valued at over $2 billion in its New York IPO, joining a growing number of firms tapping into surging consumer demand and investor interest for such products.

The company, backed by asset manager Franklin Templeton, said it is offering 19.2 million shares priced between $12 and $14 each, along with the selling stockholders. At the top end of that range, the IPO would fetch about $269 million.

As global calls grow to limit global warming and switch to more environmentally friendly ways of living, several companies have come under investor and activist pressure to contribute to the change.

Among a handful of startups that recently tapped into investor interest in such sustainable offerings were Oprah Winfrey-backed vegan milk maker Oatly Group AB (OTLY.O) and Jessica Alba’s consumer goods company Honest Co (HNST.O). read more

Founded in 2015, Allbirds is also backed by Oscar-winning actor Leonardo DiCaprio and uses wool, fiber derived from eucalyptus and other plant-based alternatives in its products. It has partnered with Adidas to create a range of sustainable sneakers, some of which have become immensely popular across Silicon Valley where the company is headquartered.

Numerous celebrities, top business executives and high-profile personalities such as Barack Obama, Ashton Kutcher and Google co-founder Larry Page have been spotted wearing Allbirds sneakers in recent years.

Allbirds, however, toned down some of its environmental references in an amended filing earlier this month. The company, which said in August it would pioneer a framework to conduct the first-ever “sustainable public equity offering”, later removed references to the claim.

In its latest filing, Allbirds said it expects net revenue to grow up to 32% to $62.5 million for the three months ended Sept. 30, due to higher sales at its physical stores.

However, higher expenses are expected to drive up net losses to about $15 million to $18 million in the quarter, from nearly $7 million a year earlier.

Morgan Stanley, J.P. Morgan and BofA Securities are the lead underwriters for the offering.

Reporting by Niket Nishant in Bengaluru; Editing by Ramakrishnan M.

Our Standards: The Thomson Reuters Trust Principles.

Founded in 2015, Allbirds is also backed by Oscar-winning actor Leonardo DiCaprio and uses wool, fiber derived from eucalyptus and other plant-based alternatives in its products. It has partnered with Adidas to create a range of sustainable sneakers, some of which have become immensely popular across Silicon Valley where the company is headquartered.

Source: https://www.reuters.com/business/retail-consumer/footwear-maker-allbirds-targets-over-2-bln-valuation-us-ipo-2021-10-25/

eco-friendly-sneaker-maker-allbirds-aims-for-$2-bln-valuation-in-u.s.-ipo

Continue Reading

Reuters

Facebook apologizes for second outage in a week, services back up

Facebook Inc apologized to users for a two hour disruption to its services on Friday and blamed another faulty configuration change for its second global outage this week.

Published

on

Silhouettes of mobile users are seen next to a screen projection of Instagram logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration/File Photo

Oct 8 (Reuters) – Facebook Inc (FB.O) apologized to users for a two hour disruption to its services on Friday and blamed another faulty configuration change for its second global outage this week.

The company confirmed its social media platform, Instagram, Messenger and Workplace were impacted by the latest outage.

“Sincere apologies to anyone who wasn’t able to access our products in the last couple of hours,” the company said. “We fixed the issue, and everything should be back to normal now.”

During the latest outage, some users were unable to load their Instagram feeds, while others were not able to send messages on Facebook Messenger.

People swiftly took to Twitter to share memes and jokes about the second service disruption this week. “Looks like Facebook went to a 3-day work week. Monday and Friday shutdowns?” a Twitter user said.

Instagram thanked users for their patience and “for all the memes this week”.

On Monday, the social media giant blamed a “faulty configuration change” for a nearly six-hour outage that prevented the company’s 3.5 billion users from accessing its social media and messaging services such as WhatsApp, Instagram and Messenger.

The outage on Monday was the largest that web monitoring group Downdetector had ever seen and blocked access to the apps for billions of users, leading to a surge in usage of rival social media and messaging apps. read more

Moscow officials said Monday’s outage showed Russia was right to develop its own social media networks, while EU antitrust chief Margrethe Vestager highlighted the repercussions of relying on just a few big players, underscoring the need for more rivals. read more

Both the outages piled pressure on Facebook this week after a former employee turned whistleblower accused the company on Sunday of repeatedly prioritizing profit over clamping down on hate speech and misinformation. read more

Reporting by Subrat Patnaik in Bengaluru and Sheila Dang in Dallas; Additional reporting by Bhargav Acharya; Editing by Shounak Dasgupta

Our Standards: The Thomson Reuters Trust Principles.

“Sincere apologies to anyone who wasn’t able to access our products in the last couple of hours,” the company said. “We fixed the issue, and everything should be back to normal now.”

Source: https://www.reuters.com/technology/instagram-feeds-not-loading-some-users-2021-10-08/

facebook-apologizes-for-second-outage-in-a-week,-services-back-up

Continue Reading

Reuters

Chinese social media platforms to “rectify” financial self-media accounts

China’s top social media platforms, Wechat, Douyin, Sina Weibo and Kuaishou, said on Saturday they would begin to rectify irregular practices of “self-media” accounts that publish financial information, reported state media Global Times.

Published

on

WeChat app is seen on a smartphone in this illustration taken, July 13, 2021. REUTERS/Dado Ruvic/Illustration/File Photo

SHANGHAI, Aug 28 (Reuters) – China’s top social media platforms, Wechat, Douyin, Sina Weibo and Kuaishou, said on Saturday they would begin to rectify irregular practices of “self-media” accounts that publish financial information, reported state media Global Times.

This follows an announcement by China’s cyberspace regulator, the Cyberspace Administration of China (CAC), that it would look into accounts that have repeatedly released financial news illegally, distorted economic policy interpretation, badmouthed financial markets, spread rumours and disrupted network communications.

The term “self-media” is mostly used on Chinese social media to describe independently operated accounts that produce original content but are not officially registered with the authorities.

Wechat said in a statement on Saturday that from now until Oct. 26, it would investigate and shut down financial self-media accounts that “badmouth the financial market” and “blackmail and spread rumors.”

Sina Weibo, Douyin and Kuaishou also released similar statements on Saturday, reported the Global Times, with Sina Weibo and Kuaishou adding that they would severely crack down on accounts that violate the rules.

The announcements come amid a recent crackdown by Beijing on the tech sector, with the latest regulations targeting “chaotic” celebrity fan culture and algorithms that technology companies use to drive their business. read more

China is also framing rules to ban internet companies whose data poses potential security risks from listing outside the country, including in the United States. read more

Reporting by Emily Chow. Editing by Gerry Doyle

Our Standards: The Thomson Reuters Trust Principles.

The term “self-media” is mostly used on Chinese social media to describe independently operated accounts that produce original content but are not officially registered with the authorities.

Source: https://www.reuters.com/world/china/chinese-social-media-platforms-rectify-financial-self-media-accounts-2021-08-28/

chinese-social-media-platforms-to-

Continue Reading

Title

Reuters1 day ago

Eco-friendly sneaker maker Allbirds aims for $2 bln valuation in U.S. IPO

Eco-friendly sneaker maker Allbirds Inc said on Monday it aims to be valued at over $2 billion in its New...

ZDNET2 days ago

Comcast gave me good, precise news. The truth was precisely the opposite

Many companies believe that technology is perfect for customer service communication. Often, though, it just isn't.

Bioengineer5 days ago

Sex differences in COVID-19 outcomes

Credit: Mary Ann Liebert, Inc., publishers In a study of more than 10,600 adult patients hospitalized with COVID-19, women had

Techcrunch7 days ago

Resistant AI scores $16.6M for its anti-fraud fintech tools – TechCrunch

Resistant AI, which uses artificial intelligence to help financial services companies combat fraud and financial crime — selling tools to...

Techcrunch7 days ago

Facebook reportedly plans to change its name to focus on the metaverse – TechCrunch

Facebook is planning to rebrand the company with a new name to focus on building the metaverse, according to a...

Bioengineer1 week ago

UTHSC awarded $1.5 million HRSA grant for sexual assault nurse examiner training

Credit: UTHSC Memphis, Tenn. (June 16, 2021) - The University of Tennessee Health Science Center's College of Nursing has received

Techcrunch1 week ago

Does the NFT craze actually matter? – TechCrunch

Hello friends, and welcome back to Week in Review! Last week, we talked about Apple’s subscription addiction. This week, I’m...

CNBC2 weeks ago

Earnings

Corporate Company Earnings, Find Earnings Per Share and Earnings History Online

ZDNET2 weeks ago

Even computer experts think ending human oversight of AI is a very bad idea

The UK government is thinking of scrapping the right to ask for a human to review decisions made entirely by...

Crunchbase2 weeks ago

The Briefing: Hailo Lands $136M Series C

Crunchbase News' top picks of the news to stay current in the VC and startup world.

Review

    Select language

    Trending