Just the mention of Russia-affiliated hackers is unnerving enough, but the latest global espionage campaign has been monitoring U.S. Treasury and Commerce departments’ emails to the point that the National Security Council met Saturday.
News outlets are reporting that the initial discoveries could be part of a larger security breach that penetrates several federal agencies. Reuters and the New York Times cited sources that tie the spying to Russia and link the cyberattack with a previously disclosed attack on FireEye, a U.S. cybersecurity company with government contracts. Experts interpreted that attack as Russian work, as well.
“The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” National Security Council spokesman John Ullyot said in a statement.
Last week, the National Security Agency warned of “Russian state-sponsored actors” infiltrating federal computer systems. The investigation has called in the Dept. of Homeland Security (DHS), whose leader was fired by President Donald Trump last month for discrediting election fraud claims. Federal agencies began combing for more compromises.
“This can turn into one of the most impactful espionage campaigns on record,” CrowdStrike founder and cybersecurity expert Dmitri Alperovitch told the Associated Press.
AP reported that the DHS directed U.S. agencies to disconnect from SolarWinds software, which FireEye identified as the source of its hack, carried out with malware in a software update. Alperovitch told AP that SolarWinds grants “God mode” to access everything on a network.
“This is a much bigger story than one single agency,” a source familiar with the attack told Reuters. “This is a huge cyber-espionage campaign targeting the U.S. government and its interests.”
In recent years, Russia explored forming a joint cyber unit with America. The Russian embassy in the U.S. posted a social media denial of Russian ties to the cyberattack and described the media reports as “unfounded.”
But they also spelled “learn” as “lear,” so how much can this be trusted?