DHS says it could take months to uncover extent of massive Russian malware attack on federal government


The federal government has confirmed it was compromised in a foreign hacking attempt — and it's still not sure just how bad the problem is.
Last week, the cybersecurity firm FireEye announced it uncovered a massive malware attack by Russian hackers that likely affected the federal government as well. The Department of Homeland Security's cybersecurity wing confirmed Thursday that the federal government was a victim of the attack, and it could take "months" to figure out just how deep the infiltration goes, The New York Times reports.
FireEye disclosed that it was "attacked by a highly sophisticated threat actor" via malware embedded into a software update of the company SolarWinds' Orion network management program. Several federal agencies and departments who use the software seemingly downloaded the update and were infiltrated by, seemingly, Russia's Foreign Intelligence Service, The New York Times reported Tuesday. President Trump has yet to acknowledge the attack, while Secretary of State Mike Pompeo "deflected the hacking as one of the many daily attacks on the federal government," the Times writes.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
But DHS' Cybersecurity and Infrastructure Security Agency made it clear in its Thursday threat announcement that the incident isn't just something the government can shrug off. The announcement noted the attacker can "exploit software supply chains," and likely has "additional initial access vectors and tactics, techniques, and procedures" that "have not yet been discovered." Altogether, this indicates the federal government is facing a "grave risk" from "an adversary who is skilled, stealthy with operational security, and is willing to expend significant resources to maintain covert presence."
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Kathryn is a graduate of Syracuse University, with degrees in magazine journalism and information technology, along with hours to earn another degree after working at SU's independent paper The Daily Orange. She's currently recovering from a horse addiction while living in New York City, and likes to share her extremely dry sense of humor on Twitter.
-
'Tariff stacking' is creating problems for businesses
The Explainer Imports from China are the most heavily affected
-
Can MAGA survive a US war on Iran?
Talking Points Trump's wavering sparks debate about 'America First'
-
'The Minnesota attacks join a grim catalog of political violence'
Instant Opinion Opinion, comment and editorials of the day
-
Economists fear US inflation data less reliable
speed read The Labor Department is collecting less data for its consumer price index due to staffing shortages
-
Crypto firm Coinbase hacked, faces SEC scrutiny
Speed Read The Securities and Exchange Commission has also been investigating whether Coinbase misstated its user numbers in past disclosures
-
Starbucks baristas strike over dress code
speed read The new uniform 'puts the burden on baristas' to buy new clothes, said a Starbucks Workers United union delegate
-
Warren Buffet announces surprise retirement
speed read At the annual meeting of Berkshire Hathaway, the billionaire investor named Vice Chairman Greg Abel his replacement
-
Trump calls Amazon's Bezos over tariff display
Speed Read The president was not happy with reports that Amazon would list the added cost from tariffs alongside product prices
-
Markets notch worst quarter in years as new tariffs loom
Speed Read The S&P 500 is on track for its worst month since 2022 as investors brace for Trump's tariffs
-
Tesla Cybertrucks recalled over dislodging panels
Speed Read Almost every Cybertruck in the US has been recalled over a stainless steel panel that could fall off
-
Crafting emporium Joann is going out of business
Speed Read The 82-year-old fabric and crafts store will be closing all 800 of its stores