BETA
This is a BETA experience. You may opt-out by clicking here

Breaking

Edit Story

Major Cyberattack Breached Government Agency In Charge Of Nuclear Weapons Stockpile

Following
This article is more than 3 years old.
Updated Dec 17, 2020, 04:30pm EST

Topline

A major cyberattack that the U.S. agency overseeing cybersecurity warned Thursday poses a “grave” threat to the federal government and private sector has breached the Energy Department and the National Nuclear Security Administration, according to Politico, stoking fears about what information may have been compromised.

Key Facts

Since news of the attack was made public last week, the scope and potential threat of the infiltration—which is so far thought to have impacted thousands of businesses and nearly half a dozen federal agencies, and has been attributed by U.S. officials to Russia—has continued to escalate.

According to Politico’s Thursday report, the hackers managed to breach the National Nuclear Security Administration, which maintains the U.S.’s nuclear weapons stockpile, as well as the Energy Department’s Federal Regulatory Commission (FERC), national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE.

This is in addition to the other federal agencies, including the Pentagon, the Department of Defense, the Department of Justice, and the Department of Homeland Security, that were known to be potentially compromised for their downloading of corrupted software from SolarWinds, which was sourced as the access point for hackers.

In an alert issued earlier on Thursday, the U.S.’s Cybersecurity and Infrastructure Security Agency (CISA) for the first time detailed the scale of the attack, warning that it has determined federal government, state local, tribal and territorial organizations, as well as critical infrastructure entities and private sector organizations to be at “grave risk” from the infiltration.

Furthermore, CISA said it’s identified “additional” access points through which the hackers may have been able to get into U.S. computer systems, meaning the scope of the hack could be much broader than initially projected.

CISA said the hackers, whose attack dates back to at least March, have shown “sophistication and complex tradecraft in these intrusions” and predicts it will be “highly complex and challenging” for organizations to remove the threat actor from compromised environments.

Big Number 

18,000. That’s the total number of organizations, including unclassified networks run by most federal government entities, that downloaded the corrupted SolarWinds software. 

Key Background 

The hack was detected by cybersecurity firm FireEye who announced last week that the U.S. government and its clients had been placed at risk. The scale of the attack, which has been widely attributed to the Russian foreign intelligence agency (despite denial from Russian officials), is not yet known, but The Associated Press suggested that hackers could have gained access to some of the U.S.’s “most deeply held secrets.” President Trump, instead focusing on his continued challenges to the results of the 2020 election has not yet spoken publicly about the hack, prompting backlash from members of Congress from both sides of the aisle who say Trump needs to take a stand against Russia.

Chief Critic

“I think the White House needs to say something aggressive about what happened,” said Sen. Mitt Romney (R-UT) on Thursday. “This is almost as if you had a Russian bomber flying undetected over the country, including over the nation’s capital, and not to respond in a setting like that is really stunning.”


Tangent

President-elect Joe Biden said in a statement that he’s been briefed by government officials on the attack, vowing to impose a “substantial cost” on those behind the hack. “We need to disrupt and deter our adversaries from undertaking significant cyber attacks in the first place,” said Biden, emphasizing that he would not stand “idly by.”

Further Reading

“DHS, DOJ And DOD Are All Customers Of SolarWinds Orion, The Source Of The Huge US Government Hack” (Forbes)

“‘We're Being Hacked’: As Trump Stays Silent, Ex-Security Adviser Sounds Alarm About Russian Infiltration” (Forbes)

Follow me on TwitterSend me a secure tip