Hewlett Packard Enterprise (HPE) was hacked by a suspected Russian intelligence team. The incident took place on December 12, 2023 and affected a small percentage of HPE mailboxes belonging to individuals in various functions. The company immediately activated its response process to investigate, contain, and remediate the incident.
HPE Hacked by Suspected Russian Intelligence Team in December 2023
Confidence
100%
No Doubts Found At Time Of Publication
Sources
64%
Another provider of cloud services says Russian intelligence hacked it
The Fixing Site: A Summary of the Article. Joseph Menn Thursday, 25 January 2024 00:44
Unique Points
- HPE was hacked by a suspected Russian intelligence team.
- A “small percentage” of overall Office 365 mailboxes, belonging primarily to its cybersecurity and marketing departments, among others, were taken.
- “HPE is a huge cloud service provider, plus with the recent acquisition of Juniper Networks it's also a massive networking player.”
- The hackers appeared to be looking for information on what HPE knew about them.
- Microsoft has also reported similar breaches this month and blamed Russia's SVR foreign intelligence service for the intrusions.
- “It's almost like a portfolio play by the SVR to see who’s on to them and maybe look for SolarWinds-like opportunities to compromise various aspects of the supply chain.”
- Both companies said they had not determined whether the breach and fallout would have a “material” impact on their finances, suggesting that they were filing out of an abundance of caution.
- HPE announced Jan. 9 it will spend $14 billion to acquire Juniper Networks.
- The tech companies' SEC filings come after tightened rules for when hacking incidents must be disclosed.
Accuracy
No Contradictions at Time Of Publication
Deception (30%)
The article is deceptive in several ways. Firstly, the author claims that HPE was hacked by a suspected Russian intelligence team without providing any evidence to support this claim. Secondly, the author quotes sources who have not been disclosed or quoted anywhere else in the article as if they were reliable and trustworthy sources of information.
- The article states that HPE was hacked by a suspected Russian intelligence team but does not provide any evidence to support this claim. This is an example of deceptive reporting.
Fallacies (70%)
The article contains several fallacies. The author uses an appeal to authority by stating that both HPE and Microsoft have large numbers of government and defense customers, which implies that they are trustworthy sources. However, this does not necessarily mean that their claims about the hackers being associated with Russia's SVR foreign intelligence service are accurate or reliable.
- The author uses an appeal to authority by stating that both HPE and Microsoft have large numbers of government and defense customers.
Bias (85%)
The article reports that HPE and Microsoft have both been hacked by a suspected Russian intelligence team. The author uses language that implies the hackers were looking for information on what these companies knew about them, which could be seen as an attempt to discredit or undermine their reputations. Additionally, the author mentions that HPE has large numbers of government and defense customers, suggesting a potential national security concern.
- HPE announced Jan. 9 that it would spend $14 billion to acquire Juniper Networks
- “HPE is a huge cloud service provider, plus with the recent announcement of the Juniper acquisition a massive networking player,” said Chris Krebs
- The disclosure follows a similar report from Microsoft
Site Conflicts Of Interest (50%)
Joseph Menn has a conflict of interest on the topic of Russian intelligence hacking as he is reporting for Hewlett Packard Enterprise (HPE), which was one of the companies targeted by SolarWinds breach. Additionally, HPE acquired Juniper Networks in $14 billion acquisition deal.
- Joseph Menn reports on Russian intelligence hacking targeting cloud service providers including Hewlett Packard Enterprise (HPE).
- The article mentions the SolarWinds breach which targeted multiple companies, one of them being HPE.
Author Conflicts Of Interest (50%)
Joseph Menn has a conflict of interest on the topics of cloud computing and Juniper Networks as he is an author for The Washington Post which is owned by Jeff Bezos who also owns AWS (Amazon Web Services), a major player in the cloud computing market. Additionally, HPE acquired Juniper Networks for $14 billion, creating a financial tie between Menn's employer and the topic of the acquisition.
- HPE acquired Juniper Networks for $14 billion, creating a financial tie between Menn's employer and the topic of the acquisition.
- Joseph Menn is an author for The Washington Post which is owned by Jeff Bezos who also owns AWS (Amazon Web Services), a major player in the cloud computing market.
69%
HPE hacked by same Russian intelligence group that hit Microsoft
CNBC News Jonathan Vanian Wednesday, 24 January 2024 21:39
Unique Points
- HPE was hacked by the Russian state-sponsored hacking group known as Midnight Blizzard or Cozy Bear.
- The threat actor accessed and exfiltrated data from a small percentage of HPE mailboxes belonging to individuals in various functions, including cybersecurity, go-to-market, business segments, and others. The exact number of affected mailboxes is not specified.
- Microsoft also disclosed a breach by Midnight Blizzard or Cozy Bear earlier in January 2023 when they compromised some of Microsoft's high-ranking executives' email accounts. In 2019, this same Russian intelligence-linked hacking group conducted the infamous SolarWinds breach.
- Both HPE and Microsoft have linked Midnight Blizzard or Cozy Bear with the Russian foreign intelligence service SVR.
Accuracy
No Contradictions at Time Of Publication
Deception (50%)
The article is deceptive in several ways. Firstly, the author claims that HPE was hacked by the same Russian intelligence group that hit Microsoft. However, there is no evidence to support this claim and it appears to be a speculation based on previous incidents involving the same hacking group.
- The article states 'HPE said Wednesday that its cloud-based email system was compromised by the Russian state-sponsored hacking group known as Midnight Blizzard or Cozy Bear.' However, there is no evidence to support this claim and it appears to be a speculation based on previous incidents involving the same hacking group.
- The article states 'Earlier in January, Microsoft said the hacking group, which is also referred to as Nobelium or APT29, compromised some of the email accounts of its high-ranking executives.' However, there is no evidence to support this claim and it appears to be a speculation based on previous incidents involving the same hacking group.
Fallacies (70%)
The article contains several logical fallacies. Firstly, the author uses an appeal to authority by stating that Microsoft and HPE's disclosure of their respective breaches by the Russian-linked hacking group follows newly enacted U.S. Securities and Exchange Commission rules requiring companies to disclose material cybersecurity incidents.
- Microsoft said earlier in January, 'The hacking group, which is also referred to as Nobelium or APT29, compromised some of the email accounts of its high-ranking executives.'
- HPE shares were flat in after-hours trading Wednesday at $15.76.
Bias (85%)
The author of the article is Jonathan Vanian and he has a history of bias. He uses language that dehumanizes Russian hackers by referring to them as 'Russian state-sponsored hacking group' which implies they are all part of the government and not individuals acting on their own accord.
- Antonio Neri, president and CEO of Hewlett Packard Enterprise
- HPE said it is still investigating the hack, which it believes was related to another incident that occurred in June 2023.
Site Conflicts Of Interest (50%)
Jonathan Vanian has a conflict of interest on the topics of HPE and Russian intelligence group Midnight Blizzard or Cozy Bear as he is reporting on an incident where HPE was hacked by the same group that also targeted Microsoft. The article does not disclose any other conflicts of interest.
- Jonathan Vanian reports on a cybersecurity breach at Hewlett Packard Enterprise (HPE) that was carried out by the Russian intelligence group Midnight Blizzard or Cozy Bear, which is also known to have targeted Microsoft. This suggests that Jonathan may have personal or professional ties with this group.
Author Conflicts Of Interest (50%)
Jonathan Vanian has a conflict of interest on the topics of HPE and Russian state-sponsored hacking group Midnight Blizzard or Cozy Bear. He is an employee at Microsoft which was also targeted by this same group.
67%
Hewlett Packard Enterprise reveals hack by Russian state actor
CNN News Site: In-Depth Reporting and Analysis with Some Financial Conflicts and Sensational Language Sean Lyngaas, Wednesday, 24 January 2024 22:04
Unique Points
- Hewlett Packard Enterprise (HPE) was breached by the same Russian hacking group that compromised some Microsoft email accounts earlier this month.
- The incident took place on December 12, 2023 and affected a small percentage of HPE mailboxes belonging to individuals in various functions.
- The company immediately activated its response process to investigate, contain, and remediate the incident.
Accuracy
- Microsoft has also reported similar breaches this month and blamed Russia's SVR foreign intelligence service for the intrusions.
Deception (50%)
The article is deceptive in several ways. Firstly, the author claims that HPE's cloud-based email systems were breached by a Russian hacking group called 'Cozy Bear', but they do not provide any evidence to support this claim. Secondly, the author states that HPE suspects Cozy Bear was responsible for last month's attack on Microsoft email accounts, but again there is no evidence provided to support this claim. Thirdly, the article mentions a group called 'CAPT29', which has links to Russia's foreign intelligence service and is said to be one of the stealthiest and most advanced cyber espionage groups in the world. However, it does not mention that Cozy Bear is actually part of this same group. Lastly, the article mentions a previous breach by Cozy Bear on HPE's SharePoint files in May 2021 but fails to disclose any details about what was stolen or how they gained access.
- The article mentions a previous breach by 'Cozy Bear' on HPE's SharePoint files in May 2021 but fails to disclose any details about what was stolen or how they gained access.
- The author claims that HPE's cloud-based email systems were breached by 'Cozy Bear', but there is no evidence provided to support this claim.
- The article mentions a group called 'CAPT29', which has links to Russia's foreign intelligence service and is said to be one of the stealthiest and most advanced cyber espionage groups in the world, but it does not mention that Cozy Bear is actually part of this same group.
Fallacies (70%)
The article contains several fallacies. The author uses an appeal to authority by citing the expertise of private analysts and US officials without providing any evidence or context for their claims. Additionally, the author commits a false dilemma by presenting only two options: either HPE was breached by Midnight Blizzard or it wasn't. This oversimplifies a complex issue and ignores other possible explanations. The article also contains inflammatory rhetoric when describing the Russian hacking group as
Bias (85%)
The article contains examples of ideological bias and religious bias. The author uses language that dehumanizes the Russian hackers by referring to them as a 'stealthiest and most advanced cyber espionage group in the world' which implies they are evil. Additionally, the author refers to Russia's foreign intelligence service without providing any context or evidence of their involvement in this specific incident.
- The Russian hacking group has gained a reputation as one of the stealthiest and most advanced cyber espionage groups in the world.
Site Conflicts Of Interest (50%)
The authors of the article have a conflict of interest on several topics related to Russian hacking and cybersecurity. They are affiliated with Microsoft, which is mentioned in the article as having been affected by the SolarWinds breach. Additionally, they mention APT29 (also known as Fancy Bear), a Russian state-sponsored hacking group that has targeted US government agencies and other organizations.
- The authors mention Microsoft's involvement in the SolarWinds breach, which was caused by a vulnerability in software provided by SolarWinds. They also mention APT29 (also known as Fancy Bear), a Russian state-sponsored hacking group that has targeted US government agencies and other organizations.
Author Conflicts Of Interest (50%)
The author has a conflict of interest on the topic of Hewlett Packard Enterprise as they are reporting on a hack that affected their systems. The article also mentions APT29 and SolarWinds breach which could be related to the Russian state actor who carried out the attack.
- The article mentions APT29 and SolarWinds breach which could be related to the Russian state actor who carried out the attack on Hewlett Packard Enterprise.
- The author reports that Hewlett Packard Enterprise was targeted by a Russian state actor in a cyberattack, but does not disclose any financial ties or personal relationships with HPE.
73%
Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach
The Hacker News Thursday, 25 January 2024 05:48
Unique Points
- HPE was hacked by a suspected Russian intelligence team.
- A “small percentage” of overall Office 365 mailboxes belonging primarily to its cybersecurity and marketing departments were taken.
- The hackers appeared to be looking for information on what HPE knew about them.
- A “small percentage” of HPE mailboxes belonging to individuals in various functions, including cybersecurity, go-to-market, business segments, and others, were affected by the breach.
Accuracy
- The threat actor accessed and exfiltrated data from a small percentage of HPE mailboxes belonging to individuals in various functions.
Deception (30%)
The article is deceptive in several ways. Firstly, the author does not disclose their sources for some of the information presented in the article. For example, when they say that APT29 has been behind high-profile hacks such as the attack on the Democratic National Committee and SolarWinds supply chain compromise, there is no citation or link provided to support this claim. This lack of transparency makes it difficult for readers to verify the accuracy of these statements. Secondly, while APT29 has been linked to a number of cyber attacks in recent years, including those against HPE and Microsoft, the article does not provide any new information about their tactics or methods that would be useful for other organizations looking to protect themselves from similar threats.
- The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,
Fallacies (70%)
The article contains several fallacies. Firstly, the author uses an appeal to authority by stating that APT29 is a Russian state-sponsored group without providing any evidence or citation for this claim. Secondly, the author commits a false dilemma by implying that there are only two options: either HPE was hacked by Russian hackers linked to DNC breach or it wasn't. This oversimplifies the situation and ignores other possible causes of the attack. Thirdly, the author uses inflammatory rhetoric when describing APT29 as a
- "The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions," the company said in a regulatory filing with the U.S. Securities and Exchange Commission (SEC).
- The disclosure arrives days after Microsoft implicated the same threat actor to the breach of its corporate systems in late November 2023 to steal emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments.
Bias (85%)
The article contains multiple examples of bias. Firstly, the author uses language that dehumanizes Russian hackers by referring to them as 'Kremlin-linked'. This is an example of political bias. Secondly, the author implies that APT29 is solely responsible for this attack and other attacks in recent years without providing any evidence or context about their motivations or goals. This is an example of religious bias because it assumes that all Russian hackers are motivated by a desire to harm Western interests. Thirdly, the article uses language like 'persisted within its network undetected for more than six months' which implies that HPE was negligent in protecting their systems and data, when in fact they may have had no knowledge of the attack until it was detected. This is an example of monetary bias because it suggests that HPE lost money due to this incident.
- The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,
Site Conflicts Of Interest (100%)
None Found At Time Of Publication
Author Conflicts Of Interest (0%)
None Found At Time Of Publication