From their new cyber command center in Fort Meade, Md., the NSA and Cyber Command monitor incoming attacks, the way generations of American military officials jammed underground command centers to look for incoming missile attacks. The majority of infections, Microsoft said, were of private firms, many of them cybersecurity companies. FireEye only detected the attack after Russians cleaned it out too, taking the “Red Team” tools the firm uses to probe corporate and government systems for vulnerabilities. The Russian attack was carefully calibrated to avoid cybersecurity defenses. It gained access to the updates of the SolarWinds software — akin to the updates Apple and other phone makers push onto cellphones as they charge overnight — betting that small changes in code would not be noticed.

Source: New York Times December 19, 2020 20:34 UTC