DHS says it could take months to uncover extent of massive Russian malware attack on federal government
The federal government has confirmed it was compromised in a foreign hacking attempt — and it's still not sure just how bad the problem is.
Last week, the cybersecurity firm FireEye announced it uncovered a massive malware attack by Russian hackers that likely affected the federal government as well. The Department of Homeland Security's cybersecurity wing confirmed Thursday that the federal government was a victim of the attack, and it could take "months" to figure out just how deep the infiltration goes, The New York Times reports.
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
But DHS' Cybersecurity and Infrastructure Security Agency made it clear in its Thursday threat announcement that the incident isn't just something the government can shrug off. The announcement noted the attacker can "exploit software supply chains," and likely has "additional initial access vectors and tactics, techniques, and procedures" that "have not yet been discovered." Altogether, this indicates the federal government is facing a "grave risk" from "an adversary who is skilled, stealthy with operational security, and is willing to expend significant resources to maintain covert presence."
