Russian hack of U.S. agencies exposed supply chain weaknesses
Wir Kaufen und Verkaufen sowohl neue als auch gebrauchte Modelleisenbahnen und Modellautos aller Marken, Spurgrößen und Epochen aus privaten Sammlungen und Geschäftsauflösungen.
Wir sind ständig auf der Suche nach großen Modelleisenbahn-Sammlungen, Erbschaften und Geschäftsauflösungen. >>> diskret
Kontakt aufnehmen
WASHINGTON — The elite Russian hackers who gained access to computer systems of federal agencies last year didn’t bother trying to break one by one into the networks of each department.
Instead, they got inside by sneaking malicious code into a software update pushed out to thousands of government agencies and private companies.
It wasn’t surprising that hackers were able to exploit vulnerabilities in what’s known as the supply chain to launch a massive intelligence gathering operation. U.S. officials and cybersecurity experts have sounded the alarm for years about a problem that has caused havoc, including billions of dollars in financial losses, but has defied easy solutions from the government and private sector.
“We’re going to have to wrap our arms around the supply-chain threat and find the solution, not only for us here in America as the leading economy in the world, but for the planet,” William Evanina, who resigned last week as the U.S. government’s chief counterintelligence official, said in an interview. “We’re going to have to find a way to make sure that we in the future can have a zero-risk posture, and trust our suppliers.”
In general terms, a supply chain refers to the network of people and companies involved in the development of a particular product, not dissimilar to a home construction project that relies on a contractor and a web of subcontractors. The sheer number of steps in that process, from design to manufacture to distribution, and the different entities involved give a hacker looking to infiltrate businesses, agencies and infrastructure numerous points of entry.
This can mean no single company or executive bears sole responsibility for protecting an entire industry supply chain. And even if most vendors in the chain are secure, a single point of vulnerability can be all that foreign government hackers need. In practical terms, homeowners who construct a fortress-like mansion can nonetheless find themselves victimized by an alarm system that was compromised before it was installed.
The most recent case targeting federal agencies involved Russian government hackers who are believed to have sneaked malicious code into popular software that monitors computer networks of businesses and governments. That product is made by a Texas-based company called SolarWinds that has thousands of customers in the federal government and private sector.
That malware gave hackers remote access to the networks of multiple agencies. Among those known to have been affected are the departments of Commerce, Treasury and Justice.
For hackers, the business model of directly targeting a supply chain is sensible.
“If you want to breach 30 companies on Wall Street, why breach 30 companies on Wall Street (individually) when you can go to the server — the warehouse, the cloud — where all those companies hold their data? It’s just smarter, more effective, more efficient to do that,” Evanina said.
Though President Donald Trump showed little personal interest in cybersecurity, even firing the head of the Department of Homeland Security’s cybersecurity agency just weeks before the Russian hack was revealed, President Joe Biden has said he will make it a priority and will impose costs on adversaries who carry out attacks.
Supply chain protection will presumably be a key part of those efforts, and there is clearly work to be done. A Government Accountability Office report from December said a review of 23 agencies’ protocols for assessing and managing supply chain risks found that only a few had implemented each of seven “foundational practices” and 14 had implemented none.
U.S. officials say the responsibility can’t fall to the government alone and must involve coordination with private industry.
But the government has tried to take steps, including through executive orders and rules. A provision of the National Defense Authorization Act barred federal agencies from contracting with companies that use goods or services from five Chinese companies, including Huawei. The government’s formal counterintelligence strategy made reducing threats to the supply chain one of five core pillars.
Perhaps the best-known supply chain intrusion before SolarWinds is the NotPetya attack in which malicious code found to have been planted by Russian military hackers was unleashed through an automatic update of Ukrainian tax-preparation software, called MeDoc. That malware infected its customers, and the attack overall caused more than $10 billion in damage globally.
The Justice Department in September charged five Chinese hackers who it said had compromised software providers and then modified source code to allow for further hacks of the providers’ customers. In 2018, the department announced a similar case against two Chinese hackers accused of breaking into cloud service providers and injecting malicious software.
“Anyone surprised by SolarWinds hasn’t been paying attention,” said Rep. Jim Langevin, a Rhode Island Democrat and member of the Cyberspace Solarium Commission, a bipartisan group that issued a white paper calling for the protection of the supply chain through better intelligence and information sharing.
Part of the appeal of a supply chain attack is that it’s “low-hanging fruit,” said Brandon Valeriano, a cybersecurity expert at the Marine Corps University. A senior adviser to the solarium commission, he says it’s not really known just how dispersed the networks are and that flaws in the supply chain are not uncommon.
“The problem is we basically don’t know what we’re eating.” Valeriano said. “And sometimes it comes up later that we choke on something — and often we choke on things.”
(Visited 1 times, 1 visits today)
Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung
Die Regierung wollte die Pflege eigentlich für einige Jahre stabilisieren. Doch nun zeigt sich: Das Geld reicht wohl nicht mehr lange – und das Personal auch nicht. Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise […]
Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung
In Aue wurden am Montag 28.4 Grad Celsius gemessen, Saharastaub könnte erneut für hohe Feinstaubwerte sorgen – unser Newsblog zur aktuellen Wetterlage. Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung Reichsmarschall Göring hatte eine […]
Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung
Property tax commission recommends tweaks as ballot proposal battle heats up A bipartisan group of Colorado policymakers approved nearly a dozen recommendations to soften the pinch of property tax increases Friday, including an “adjustable cap” on future hikes and mechanisms to spread out hefty tax bills. The recommendations approved by […]
Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung
Jedoch startet der kompakte Familienfreund auch schon bei knapp 40.000 Euro. Alle Infos in der Übersicht Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung Reichsmarschall Göring hatte eine Märklin Modelleisenbahn >>> read more
Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung
Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung Reichsmarschall Göring hatte eine Märklin Modelleisenbahn >>> read more
Tags: suchen suche search tag anzeigen besucherzahl browser design domain inhalt jahr karpfen konto problem inhalt schalten modellbahn spielemax spiel tag webseite preise werbung
Tags: suchen suche search tag anzeigen besucherzahl browser design domain spielemax inhalt jahr karpfen konto problem inhalt preise schalten spiel tag webseite werbung zugriff kundenkonto
BR 01, DRG
(BTTB 2120)
BR 23 1003, DR
(Zeuke 159 / 77,
545 / 77) BR 23 1111, DR
(BTTB 2110)
BR 23, DR
(BTTB, aus "Touristen Express"-Set))
br35_1111
BR 35 1111-0, DR
(BTTB 2110)
br56
BR 56 2719, DR
(BTTB 2230) G 8.2, Nr. 2721, KPEV
(BTTB 2231)
br81_013dr_zeuke_schw_rahmen br81_001rt_rahmen_plast br81_004
BR 81 013, DR
(Zeuke 159 / 51,
545 / 51) BR 81 001, DR
(BTTB 2210)
BR 81 004, DRG
(BTTB 2210)
BR 81 004, DB
(BTTB 2211)
BR 81, DR
vereinfachte Steuerung
(Zeuke 159 / 78)
br86_1615_3 br86_460
BR 86 1615-5, DR
(BTTB 2240) BR 86 460, DRG
(BTTB 2242) BR 86 173, DB
(BTTB 2241) Reihe 455, CSD
(BTTB 2244)
br 92 zeuke br 92_6582 bttb_rt_rahmen br92
BR 92 6582, DR
(Zeuke 545 / 494) BR 92 6582, DR
(BTTB 2220) BR 92 als Privatbahn (BTTB
(BTTB, aus Start-Set) BR 92 als Nord-Belge (BTTB, aus Start-Set)
start_tenderlok_schw.jpg (41542 Byte)
2achsige Tenderlok, schwarz
(BTTB, aus Start-Set) 2achsige Tenderlok, grün
(BTTB, aus Start-Set)
v36_071grau v36_071dr_gn
V 36 071, DR, grau
(Zeuke 545 / 23,
BTTB 2631) V 36 071, DR, grün
(Zeuke 545 / 22)
V 36 021, DR, grün
(BTTB 2630)
BR 103 021-2, DR, grün
(BTTB 2630)
br103gelb.jpg (62757 Byte) v36_265db_rt.jpg (56714 Byte)
BR 103 033-7, DR, gelb
(BTTB 2631) V 36 255, DB, rot
(BTTB 2632) V 36, DB, schwarz
(BTTB) Y 50, SNCF, grün
(BTTB 2634)
zeuke_v75 zeuke_t435
V 75 001, 1. Ausführung
DR, rot
(Zeuke 545 / 53) T 435 001,
1. Ausführung
CSD, blau,
weißes Geländer
(Zeuke 545 / 52)
br107_001_0 t435 t435
BR 107 001-0, DR, rot
(BTTB 2620)
T 435 001, CSD, blau
schwarzes Geländer
(BTTB 2621) T 435 040, CSD, blau
weißes Geländer
(BTTB 2621)
ym32_125
YM 32-205 , SZD, grün
(BTTB 2622) YM 32-125; SZD, grün
(BTTB 2622)
br110 br110_156 gelb br212_176_2db_rt
BR 110 034-7, DR, rot
(BTTB 2540) BR 110 156-7, DR, gelb
(BTTB 2545) BR 211 167-2, DB, blau
(BTTB 2546) BR 212 176-2, DB, rot
(BTTB 2547)
v180_146 br118_114_8
V180 160, DR
rot / elfenbein
(Zeuke 545 / 750) V 180 146, DR
rot / elfenbein
(BTTB 2520) BR 118 146-0, DR
rot / creme
(BTTB 2522) BR 118 114-8, DR
rot / creme
(BTTB 2522)
BR 119 120-4, DR
(BTTB 2521)
br130dr
BR 130 007-8, DR
(BTTB 2640) T 679, CSD
(BTTB 2641)
br221rot br221_137_3blau_beige v200ic_rt_beige_rt
V 200 139, DB
rot / grau
(Zeuke 159 / 76,
545 / 26)
BR 221 139-9, DB
rot / silbergrau
(BTTB 2510)
BR 221 137-5, DB
blau / beige
(BTTB 2511)
BR 221, DB
rot / beige
(BTTB 2512)
v200 cccp v200 silverlines
V 200 "CCCP"
silber / rot
(Zeuke ) V 200 "Silver Lines"
silber / blau
(Zeuke ) V 200
braun
(Zeuke, aus Start-Set) V 200, SJ
braun
(BTTB, aus Start-Set)
t334rt t334 t334dsb
T 334, CSD, rot
(Zeuke 545 / 502) T 334 0508, CSD, blau
(Zeuke 545 / 501) T 334, CSD, grün / weiß
(BTTB 2610) MH, DSB, grün
(Zeuke 545 / 503)
t334gn_elf_start2a
T 334, 2achsig
blau / creme
(Zeuke (, aus Start-Set) T 334, 2achsig
grün / elfenbein
(Zeuke
(BTTB, aus Start-Set)
noab_mav_neu noab_dsb_bttb noab_sncb
M 61 001, MAV, weinrot
(Zeuke 545 / 9,
BTTB 2532) M 61 019, MAV, rot
(BTTB 2532)
My 1125, DSB, weinrot
(Zeuke 545 / 8,
BTTB 2531) R 202 003, SNCB, grün
(BTTB 2533)
start_taigatrommel
2achsige Diesellok
ähnlich DR-BR 120, rot
(BTTB, aus Start-Set) 2achsige Diesellok
ähnlich DR-BR 120, grün
(BTTB, aus Start-Set)
vt2_09_dach_beige
VT 2.09.070
Dach beige
(Zeuke)
Beiwagen VB 02,
Dach beige
(Zeuke)
VT 2.09.070 + VB,
Dach grau
(Zeuke 545 / 1,
BTTB 2810) Beiwagen VB 02,
Dach grau
(Zeuke ,
BTTB 2812)
br171_vb vb171
BR 171 018-5
Dach grau
(BTTB 2810) Beiwagen BR 171 824-6,
Dach grau
(BTTB 2812)
transius_rt_ws_2tlg
SVT "Courier", 2teilig
rot / weiß
(Zeuke) SVT "Courier", 2teilig
weiß / rot
(Zeuke) SVT "Courier", 2teilig
weiß / blau
(Zeuke 545 / 34)
Die Diesel-Schnelltriebwagen Elektro-Triebzug Fahrtrafo
SVT "Intourex", 3teilig
weiß / blau
(Zeuke 545 / 37)
ET "Transitus", 3teilig, weiß / blau
(Zeuke 545 / 35) ET "Transitus", 3teilig, grün / gelb
(Zeuke 545 / 35)
Mittelwagen für "Courier", Transitus", "Intourex";
rot / weiß
(Zeuke) Mittelwagen für "Courier", Transitus", "Intourex";
weiß / blau
(Zeuke) Mittelwagen für "Courier", Transitus", "Intourex"
weiß / rot
(Zeuke) Mittelwagen für "Courier", Transitus", "Intourex"; grün / gelb
(Zeuke)
e11_022dach_beige.jpg (55398 Byte) e11_022rt.jpg (64664 Byte)
E 11 022, DR
grün, Dach beige
(Zeuke 545 / 754)
E 11 015, DR
grün, Dach grau
(Zeuke 545 / 754,
BTTB) E 11 022, DR
rot
(Zeuke / BTTB 2322)
BR 211 018-7, DR
rot
(BTTB 2322)
e42_018
E 42, DR,
grün, Dach beige
(Zeuke 545 / 755) E 42 018, DR
grün, Dach grau
(Zeuke 545 / 755,
BTTB 2321) BR 242 020-6, DR
grün, Dach grau
(BTTB 2321) BR 242 018-2, DR
grün, Dach grau
(BTTB 2321)
E 70 01, DR, braun
(Zeuke / Herr 545 / 25, 545 / 2 / 2)
E 70 01, DR, grün
beschriftet
(Zeuke / Herr 545 / 24) E 70, DR, grün,
unbeschriftet
(Zeuke / Herr) E 70 01, DR, grau
(Zeuke / Herr)
e94zeuke br254_065_6 br194db
E 94 065, DR, grün
(Zeuke 545 / 751) BR 254 065-6, DR, grün
(BTTB 2410) BR 194 178-0, DB, blau
(BTTB 2411) Reihe 1020 020, ÖBB, rot
(BTTB 2412)
br250
BR 250 112-0, DR, bordeauxrot
(BTTB 2330) BR 250 245-8, DR, hellrot
(BTTB 2331)
e499blau_bttb e499g e499 szd
E 499 035, CSD
blau / elfenbein
(Zeuke 545 / 20,
Zeuke 545 / 752 / 1,
BTTB 2312) E 499 035, CSD
grün / elfenbein
(Zeuke 545 / 21,
Zeuke 545 / 752 / 2
BTTB 2311) YC 1-003, SZD, grün
(BTTB 2313)
E 499, SJ, rotorange
(BTTB)
start_e_lok_blau start_e_lok_gn
2achsige E-Lok
CC 7200, SNCF,
blau mit silberner Zierleiste
(BTTB, aus Start-Set) 2achsige E-Lok
CC 7200, SNCF,
blau ohne Zierleiste
(BTTB, aus Start-Set)
2achsige E-Lok
CC 7200, SNCF,
grün
(BTTB, aus Start-Set)
2achsige E-Lok
CC 7200, SNCF,
hellgrau / gelb als NS-Lok
(BTTB, aus Start-Set)
Cookies
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Diese Website verwendet Cookies, um Ihre Erfahrung zu verbessern. Wir gehen davon aus, dass Sie damit einverstanden sind, aber Sie können sich abmelden, wenn Sie dies wünschen. Cookie settingsACCEPT
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.