In 2020, a major cyberattack by a group backed by a foreign government penetrated multiple parts of the United States federal government, leading to a data breach. The hacking group Cozy Bear (APT29), backed by the Russian intelligence agency SVR, was identified as the cyberattackers. The cyberattack and data breach were reported to be among the worst cyber-espionage incidents ever suffered by the U.S., due to the sensitivity and high profile of the targets and the long duration (six to nine months) in which the hackers had access. Within days of its discovery, at least 200 organizations around the world had been reported to be affected by the attack, and some of these may also have suffered data breaches.

The attack, which had gone undetected for months, was first publicly reported on December 13, 2020, and was initially only known to have affected the U.S. Treasury Department and the National Telecommunications and Information Administration (NTIA), part of the U.S. Department of Commerce. In the following days, more departments and private organizations reported breaches.

The cyberattack that led to the federal breaches began no later than March 2020. The attackers exploited software from at least three U.S. firms: Microsoft, SolarWinds, and VMware. A supply chain attack on SolarWinds's Orion software, widely used in government and industry, provided the initial entry point. Flaws in Microsoft and VMware products allowed the attackers to access emails and other documents, and to perform federated authentication across victim resources.

In addition to the theft of data, the attack caused costly inconvenience to tens of thousands of SolarWinds customers, who had to check whether they had been breached, and had to take systems offline and begin months-long decontamination procedures as a precaution. U.S. Senator Richard J. Durbin described the cyberattack as tantamount to a declaration of war.
President Donald Trump was silent for days after the attack, and later spuriously suggested that China, not Russia, might have been responsible for it, and that "everything is well under control".

Continued on Wikipedia: https://en.wikipedia.org/wiki/2020_United_States_federal_government_data_bre...

Microsoft, in an attempt to save face and to present itself not as part of the problem but as part of the solution, has published an interesting analysis of the backdoor (stuffed, and I apologize for that, with marketing for its own products):
https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-...

This is the state of the art not so much of the "cyberattacks" used (in themselves rather simple, albeit masterfully composed) as of information security as a whole.

The emperor is naked. Or rather, he covers his shame with a ridiculous loincloth.

And, height of irony, this attack brings us back to what we were discussing when talking about the Google outage: controlling the updates of the software installed on a server ALWAYS means having access to the data hosted there.

Which should be read in historical perspective, remembering what emerged a few years ago:
https://www.nytimes.com/2014/03/23/world/asia/nsa-breached-chinese-servers-s...

On the other hand... if Trump says that everything is under control... :-D

Giacomo