US hacks linked to home-working says CyberCube

The revelation this week that US federal agencies have potentially had their security breached by a major cyber-attack has been linked to the rise in home-working, according to cyber analytics specialist CyberCube.

The US intelligence community is urgently investigating breaches at several government agencies, including the US Treasury and Department of Commerce, following the disclosure of a cyber-espionage campaign against prominent US cybersecurity firm FireEye and software specialist SolarWinds.

The head of the UK’s communications intelligence service GCHQ has described two major security breaches at US software firms this week as “serious events”, as British intelligence officials investigate the level of UK exposure.

“While it remains too early to fully assess the impact of this attack, both the FireEye and SolarWinds breaches are significant due to the strategic importance of their target – the machinery of the US government,” said Darren Thomson, head of cyber security strategy for CyberCube.

Significantly, he suggested the link to the changed working practices this year for many:

“It looks like this attack could be linked to COVID-19 and the move to home-working. The resultant changes to working patterns and behaviours have exposed many new attack vectors that were previously ignored by attackers.

“In this case, monitoring software allowing IT staff remote access to computers on corporate networks was hacked. It’s likely we’re going to see more of this kind of attack in 2021.

“This type of software supply chain attack is on the rise,” Thomson added. “Between 2018 and 2020, we saw several examples of legitimate software update mechanisms being used to breach systems. Good examples were the attacks on BA and Ticketmaster in 2018. However, using software supply chains attacks to target a government is still relatively rare.”

CyberCube provides cyber risk analytics to the global insurance industry. Its analytics platform allows insurance businesses to analyse what effect a major cyber-attack and other cyber-related scenarios would have on a portfolio of insurance risks.