The federal government has confirmed it was compromised in a foreign hacking attempt — and it's still not sure just how bad the problem is.
Last week, the cybersecurity firm FireEye announced it uncovered a massive malware attack by Russian hackers that likely affected the federal government as well. The Department of Homeland Security's cybersecurity wing confirmed Thursday that the federal government was a victim of the attack, and it could take "months" to figure out just how deep the infiltration goes, The New York Times reports.
FireEye disclosed that it was "attacked by a highly sophisticated threat actor" via malware embedded into a software update of the company SolarWinds' Orion network management program. Several federal agencies and departments who use the software seemingly downloaded the update and were infiltrated by, seemingly, Russia's Foreign Intelligence Service, The New York Times reported Tuesday. President Trump has yet to acknowledge the attack, while Secretary of State Mike Pompeo "deflected the hacking as one of the many daily attacks on the federal government," the Times writes.
But DHS' Cybersecurity and Infrastructure Security Agency made it clear in its Thursday threat announcement that the incident isn't just something the government can shrug off. The announcement noted the attacker can "exploit software supply chains," and likely has "additional initial access vectors and tactics, techniques, and procedures" that "have not yet been discovered." Altogether, this indicates the federal government is facing a "grave risk" from "an adversary who is skilled, stealthy with operational security, and is willing to expend significant resources to maintain covert presence."