Hackers breach US agencies, Homeland Security a reported target

NEW YORK - The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

The Washington Post cited unnamed officials who said that the DHS -- which is in charge of protecting the country from attacks both online and off -- had been added to a growing list of targets in the attack, including the Treasury and Commerce departments.

A statement from DHS Monday did not confirm the report, saying only that it was "aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response."

The Cybersecurity and Infrastructure Security Agency (CISA), which is attached to the DHS, on Sunday said it had ordered federal agencies to immediately stop using SolarWinds Orion IT products following reports that hackers had used a recent update to gain access to internal communications. 

"We urge all our partners -- in the public and private sectors -- to assess their exposure to this compromise and to secure their networks," said CISA Acting Director Brandon Wales.

SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June.

The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defenses had been breached by sophisticated attackers who stole tools used to test customers' computer systems.

FireEye said it suspected the attack was state-sponsored, and warned it could have affected numerous high profile targets across the globe.

"This campaign may have begun as early as Spring 2020 and is currently ongoing," FireEye said in a blog post.

RUSSIA INVOLVED?

The content the hackers have sought to steal -- and how successful they have been -- is not known at this time. 

"We believe this is nation-state activity at significant scale, aimed at both the government and private sector," said IT giant Microsoft, which is also investigating, in a blog post. 

While Microsoft refrained from naming a country, several US media pointed the finger at the Russian group "APT29", also known as "Cozy Bear." 

According to the Washington Post, the group is part of Moscow's intelligence services, and hacked servers at the State Department and the White House during the Obama administration.

The Russian Embassy in the United States categorically denied the accusations in a statement on Facebook.

Both the public and private sectors must be increasingly on guard against such hacks, warned Hank Schless, senior manager at Lookout, a California-based mobile security company. 

"Adversarial nation-states have recognized the value in targeting both sectors, which means neither is safe from the types of attacks that have government resources behind them," he said.

Matt Walmsley of Vectra, which provides cyberattack detection services from its base in California, agreed.

"Security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where," he said.

Agence France-Presse

US lifts ban on refugees from 11 countries

WASHINGTON - The United States announced Monday it was lifting its ban on refugees from 11 "high-risk" countries, but said those seeking to enter the US would come under much tougher scrutiny than in the past.

Applicants from 11 countries, unnamed but understood to include 10 Muslim-majority nations plus North Korea, will face tougher "risk-based" assessments to be accepted.


"It's critically important that we know who is entering the United States," said Homeland Security Secretary Kirstjen Nielsen.

"These additional security measures will make it harder for bad actors to exploit our refugee program, and they will ensure we take a more risk-based approach to protecting the homeland."

The 11 countries, hit with a ban in October in the Trump administration's revised refugee policy, have not been identified officially.

But refugee groups say they comprise Egypt, Iran, Iraq, Libya, Mali, North Korea, Somalia, South Sudan, Sudan, Syria and Yemen.

NOT A 'MUSLIM BAN'  

Speaking anonymously, a senior administration official told journalists that the policy of enhanced security assessments for the 11 countries was not designed to target Muslims.

"Our admissions have nothing to do with religion," the official said, adding that there is "nothing especially novel" about tougher screening for countries deemed to have a higher level of risk.

Donald Trump has pursued a much tougher stance on immigrants and refugees from all countries since becoming president one year ago.

His predecessor Barack Obama set refugee admission in fiscal 2017, which began on October 2016, at 110,000.

When Trump took office a year ago, he slashed that to 53,000, a number that was cut again to a maximum of 45,000 in fiscal 2018. 

But refugee arrivals this year could come in significantly lower than that, due to the backlog from the 120-day halt and a slowdown in processing because of generally tougher applicant reviews.

DHS would not explain what the tougher vetting measures for the 11 countries would include. 

But all applicants are being asked to supply more detailed histories and evidence of their past activities, and many are having to allow access to personal electronics and social media accounts.

The move comes as Trump presses for a sharp turn in overall US immigration policy that critics say will result in a 50 percent cut in arrivals each year and bias admissions away from African, Asian and Muslim countries.

Last week, Trump proposed to end the 27-year-old "green card lottery" program that aims to diversify the source of immigrants, leading to an upturn in those from Middle Eastern and African countries.

He also proposed to tightly limit the family members who can join immigrants to only spouses and younger children. Until now, such "chain migration" could extend to immigrants' parents, grandparents, siblings and extended family.

The White House said the policy was necessary to protect national security from terror and crime threats.

In return, Trump proposed a plan that offers 1.8 million young unauthorized immigrants known as "Dreamers" a path to citizenship over 10-12 years.

Democrats and Republicans are starting negotiations on those proposals, along with Trump's request for a $25 billion "trust fund" to build a wall on the southern US border to deter illegal border-crossers from Mexico.

source: news.abs-cbn.com