Russian Cyber Hackers Infiltrate U.S. Government Agencies
You’ve probably heard of solar wind. It’s a stream of charged particles such as electrons and protons.
They are periodically released from our sun’s corona. And can travel hundreds of millions of miles. With no atmosphere, our moon gets clobbered with solar winds on a regular basis.
We can sometimes see the effects of solar wind in the form of northern lights. But the Earth’s magnetic field protects us from potential radiation.
Unfortunately, there was no protection recently from SolarWinds. That’s the software company Russian hackers used to infiltrate American federal agencies. And thousands of companies.
They’ve Been Inside for Months
Based in Austin, Texas, SolarWinds provides Orion software to 300,000 customers. It monitors their computer networks. Some 18,000 U.S. agencies and businesses were affected by the breach.
The hack was extremely complex and effective. Hackers attached their malware to a software update from SolarWinds. It allowed hackers to spend months exploring government networks around the world. As well as the global systems of private companies.
Agencies and businesses received the tainted software from March through June in 2020. It’s estimated that deeper hacks occurred with about 250 of them. Including 10 government agencies.
Russia denies involvement. But cyber security experts say Russian fingerprints are all over the breach.
Hack ‘Poses a Grave Risk’
Former President Donald Trump said little about the security breach last month.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said the hack “poses a grave risk.” To federal, state and local governments. As well as to private companies and organizations.
This is hardly the first time Russia has been accused of hacking activities. Other countries have repeatedly pointed to President Vladimir Putin’s country as the culprit.
Especially when the breaches involve attempts to influence elections here and elsewhere.
Election Focus Got in the Way
In 2020, U.S. security agencies focused on preventing Russia from interfering in the election.
This SolarWinds breach apparently caught them while they were looking the other way.
Glenn Gerstell was the National Security Agency’s general counsel from 2015 to 2020. Here’s how he described it.
“It’s as if you wake up one morning and suddenly realize that a burglar has been going in and out of your house for the last six months.”
Top U.S. Agencies Impacted
The list of U.S. government agencies affected by the breach is staggering. It includes the Pentagon, Department of Homeland Security and Treasury Department.
As well as the Commerce Department, U.S. Postal Service and National Institutes of Health.
Department of Energy officials admitted their computer systems were also compromised.
But they said the breach did not impact “the mission essential national security functions of the Department. Including the National Nuclear Security Administration.”
Highly Sophisticated Malware
Malware used by the hackers is extremely sophisticated. It’s simultaneously fascinating and terrifying.
It can retrieve and execute commands. Including transferring files, rebooting machines and disabling system services. And no one knows it’s happening because it masquerades as normal activity.
The malware can identify anti-virus tools that could threaten it. It even grants itself new credentials to acquire more permissions. And then gain additional information.
Neil Jenkins is chief analytic officer at the Cyber Threat Alliance. He says, “As soon as you get into a network, you’re going to set up other potential back doors and ways to get in. In case the original way you got in closed.”
An ‘Espionage-Based Assault’
Microsoft has gotten involved in the investigation. Here’s part of what their president, Brad Smith, wrote.
“The attack unfortunately represents a broad and successful espionage-based assault. On both the confidential information of the U.S. government and the tech tools used by firms to protect them.”
The breach runs deep. Cybersecurity officials are still working to determine its extent. It’s estimated it will take months to fix the problems.
SolarWinds and other tech experts are giving advice to those who were hacked. In order to help end the intrusion. But the damage has been done.
Threatening the Perpetrators
What will President Joe Biden do to retaliate against Russia? Time will tell. But he accused Trump of ignoring a major threat to national security. And said that whoever is responsible will pay a steep price.
Mark Warner is a Democratic senator from Virginia. Here’s what he says.
“We need to make clear to Russia that any misuse of compromised networks to produce destructive or harmful effects is unacceptable. And will prompt an appropriately strong response.”
If there is a silver lining to the breach, it’s that so far only intelligence gathering seems to have taken place. Nothing has caused disruptions to power grids. Or has altered data in government or private databases.
Intelligence Gathering Only?
“At this time, we believe this was, and continues to be, an intelligence gathering effort.”
That joint statement came from officials in the FBI. As well as the Department of Homeland Security and National Security Agency.
“We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.”
A task force has been created to learn more and make recommendations. It includes officials from the FBI, CISA and other agencies. They will attempt to put new procedures in place. In order to prevent future vulnerabilities from being exploited.
We are a society that has become dependent upon technology. That means we have to stay one step ahead of our enemies. In this case, it looks like we were one step behind.