Top Cybersecurity Firm Infiltrated by Russian Hackers!
It was recently discovered that there was a computer breach that impacted the United States government and its networks. Upon investigating the breach, the U.S. government is now blaming Russia. But how exactly did the breach occur, and why was it so easy for Russians to infiltrate U.S. networks, especially given today’s advanced network security tactics?
What Happened?
It was only a few weeks ago that General Paul M. Nakasone reported there had been major advancements in keeping Russia from interfering with the United States’ presidential campaigns and election. However, only eight weeks later, we are now seeing that “General Nakasone and other American officials responsible for cybersecurity are now consumed by what they missed for at least nine months: a hacking, now believed to have affected upward of 250 federal agencies and businesses, which Russia aimed not at the election system, but at the rest of the United States government and many large American corporations.”
The security breach itself started when hackers uploaded malware to a company based out of Austin, Texas, called SolarWinds. The SolarWinds company is used by multiple federal and government agencies around the world to monitor computer networks. The malware itself wasn’t recognized at first because it was attached to a regular SolarWind’s software update. It is believed by SolarWinds that about 18,000 of its customers were impacted by the tainted software update that occurred from March through June of 2020.
No matter who is to blame, though, there are some key questions that the United States needs answers to:
- How many federal agencies and companies were really affected (answering this question helps determine the true extent of the damage)?
- Was this intrusion a simple reflection of an inside espionage operation?
- Is there something more sinister going on, such as the Russians having backdoor access to the United States’ government agencies, labs, electric grids, and major corporations, both public and private?
- Does the breach have anything to do with nuclear weapons?
What Is the Damage to the U.S.?
There are many large and small entities impacted by the breach, including:
- The Commerce Department
- The Department of Homeland Security
- The Pentagon
- The Treasury Department
- The U.S. Postal Service
- The National Institutes of Health
- The Department of Energy
The Department of Energy, however, does attest that malware used during the breach “was isolated to business networks only, and has not impacted the mission-essential national security functions of the Department, including the National Nuclear Security Administration.”
What Are the Next Steps?
As for now, there’s not much we can do other than investigate the hack to the fullest extent possible. This requires ongoing cooperation between the FBI and SolarWinds as well as the U.S. intelligence community as a whole. If you are a SolarWinds customer or have any connection to them, it is highly advised to update to the latest software version so as to greatly reduce your exposure to a vulnerability within the SolarWinds’ network.
