December 17, 2020
In the most significant security breach of US government networks in more than five years, foreign hackers linked to Russian intelligence have penetrated the networks of at least a dozen federal agencies and at least ten major corporations.The security breach was first reported last week by FireEye, a top cybersecurity firm, which informed government officials that it had been hacked, alerting the company to a broader cyberattack campaign.
According to FireEye, the vulnerability was found in IT management software developed by a company called SolarWinds, a network management product that is used widely across the US government and hundreds of Fortune 500 companies.
The attackers embedding malicious code into software updates that SolarWinds offers to its tens of thousands of clients, with at least 18,000 organizations receiving the infected code.
|The "highly sophisticated, manual supply chain attack" of the U.S. government provided the perpetrators months of access to the internal emails of multiple agencies, including the Treasury, Homeland Security, Commerce and Energy departments, and the National Institutes of Health.|
House and Senate lawmakers were privately briefed this week by federal agencies, the FBI, National Security Agency, the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency, which is Homeland Security's cybersecurity arm.
On Wednesday, Senate Intelligence Committee Vice Chair Mark Warner (D-Va), said that the government is "still assessing the extent of the penetration," but lamented that "the current president of the United States has not said a word about this."
Nearly a week after the hack was revealed, the White House has yet to issue any response to the Russian attack, and has kept a tight reign on full disclosure by top officials.
According to Politico, during a National Security Council meeting this week, national security leaders were instructed not to reach out to Capitol Hill for briefings on the massive hack without explicit approval from the White House or ODNI.
Trump's relationship with Russia has been a thorny centerpiece of his presidency, and the subject of investigation since before he took office.
In March of 2019, Special Counsel Robert Mueller's 22-month investigation concluded unequivocally that Russia "launched a concerted attack on our political system (and) used sophisticated cyber techniques" to interfere and influence the 2016 presidential elections.
|"Over the course of my career, I've seen a number of challenges to our democracy. The Russian government's effort to interfere in our election is among the most serious."
-- Special Counsel Robert Mueller, July, 2019
In December of 2019, President Donald Trump was impeached by the United States House of Representatives for abuse of power and obstruction of Congress -- charges that grew out of the Mueller investigation.In a press conference today, Russian President Vladamir Putin denied any connection between the current cyber attack and Russia. When asked why Russian hackers had not helped Donald Trump this time, as they allegedly had in 2016, Putin said, "Russian hackers didn't help the current president [Trump], they didn't interfere, these are all inventions to spoil our relations with the USA."
It is still unclear what the ultimate end game of the cyber-espionage operation was for the Russian hackers, or what kind of damage may already have been done, but the depth of the breach at this level could takes years to fully determine.
This morning the Cybersecurity and Infrastructure Security Agency issued a warning that the breach extended beyond the SolarWinds software, and that the hackers also used other malware and different attack techniques, that posed "a grave risk to the federal government."
DemList will keep you informed.
Connecting you to The Party
Connecting you to Each Other
Sources: Politico, New York Times, Foreign Policy, CNN