List of known U.S. Russian cyber-espionage victims grows, includes cybersecurity agencies
The list of U.S. government agencies breached in a sophisticated, months-long cyber-espionage campaign grew Monday to include the State Department, the National Institutes of Health, parts of the Pentagon, and notably, the Department of Homeland Security, The New York Times reports.
"The fact that the department charged with safeguarding the country from physical and cyber attacks was victimized underscores the campaign's significance and calls into question the adequacy of federal cybersecurity efforts," The Washington Post notes. The Treasury Department and Commerce Department were the first federal agencies discovered to have been infiltrated. Russia's Foreign Intelligence Service (SVR) is believed to have carried out the stealthy digital espionage.
Top cybersecurity firm FireEye, counterproductively targeted by the Russian hackers, discovered the breach and traced it back to malware slipped into the software update of SolarWinds' popular Orion network management program. SolarWinds said Monday that fewer than 18,000 of its 300,000 clients had downloaded the infected malware starting in March. U.S. investigators are scrambling to figure out what and how much data the cyber-spies stole over those nine months.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
FireEye's Charles Carmakal said his team thinks "the number who were actually compromised were in the dozens," but "they were all the highest-value targets." John Hultquist, manager of analysis at FireEye, said the U.S. is currently "shutting the door" created by the malware, but the hackers still have access and "there are a lot of information-security teams right now who are probably going to be working on this problem through Christmas." Their visibility into their own servers will be limited because they needed to shut down the compromised SolarWinds software they had used to monitor their networks.
Aside from the "embarrassing breaches" at the Pentagon and Homeland Security, "the National Security Agency — the premier U.S. intelligence organization that both hacks into foreign networks and defends national security agencies from attacks — apparently did not know of the breach in the network-monitoring software made by SolarWinds until it was notified last week by FireEye," the Times reports. "The NSA itself uses SolarWinds software."
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Peter has worked as a news and culture writer and editor at The Week since the site's launch in 2008. He covers politics, world affairs, religion and cultural currents. His journalism career began as a copy editor at a financial newswire and has included editorial positions at The New York Times Magazine, Facts on File, and Oregon State University.
-
Boeing machinists approve contract, end strike
Speed Read The company's largest union approved the new contract offer, ending a seven-week strike
By Peter Weber, The Week US Published
-
US economy still strong in final preelection report
Speed Read It grew at a solid 2.8% annual rate from July through September
By Peter Weber, The Week US Published
-
Boeing machinists reject deal, continue strike
Speed Read The rejection came the same day Boeing reported a $6.2 billion quarterly loss
By Peter Weber, The Week US Published
-
Ports reopen after dockworkers halt strike
Speed Read The 36 ports that closed this week, from Maine to Texas, will start reopening today
By Peter Weber, The Week US Published
-
Empty-nest boomers aren't selling their big homes
Speed Read Most Americans 60 and older do not intend to move, according to a recent survey
By Peter Weber, The Week US Published
-
Brazil accuses Musk of 'disinformation campaign'
Speed Read A Brazilian Supreme Court judge has opened an inquiry into Elon Musk and X
By Rafi Schwartz, The Week US Published
-
Disney board fends off Peltz infiltration bid
Speed Read Disney CEO Bob Iger has defeated activist investor Nelson Peltz in a contentious proxy battle
By Rafi Schwartz, The Week US Published
-
Disney and DeSantis reach detente
Speed Read The Florida governor and Disney settle a yearslong litigation over control of the tourism district
By Peter Weber, The Week US Published