Hack may have exposed deep US secrets; damage still unknown

BOSTON (AP) – Some of America’s deepest secrets may have been stolen in a disciplined, months-long operation being blamed on elite Russian government hackers. The possibilities of what could have been revealed are mind-boggling.

Could hackers get nuclear secrets? Information about COVID-19 vaccine? Plans for next-generation weapon systems?

It will take weeks, perhaps years in some cases, of combing through digital details in U.S. government and private industry networks to get the answers. These hackers are consummate professionals when it comes to covering their tracks, experts say. Theft may never be detected.

What seems clear is that this campaign, which according to cybersecurity experts shows the tactics and techniques of Russia’s SVR intelligence agency, will be among the most prolific in the annals of cyberespionage.

U.S. government agencies, including the Treasury and Commerce departments, were among dozens of high-value public and private sector targets known to have been infiltrated since March through a software update distributed to thousands of companies and government agencies around the world. A Pentagon statement said Monday that it was using the software. It said it had “issued guidelines and guidelines to protect” its networks. It would not say, for “operational security reasons,” whether any of its systems may have been hacked.

On Tuesday, Acting Secretary of Defense Chris Miller told CBS News that so far there was no evidence of compromise.

During the months since the update went out, the hackers carefully exfiltrated data, often encrypting it so that it was not clear what was being taken, and expertly covered their tracks.

Thomas Rid, a cyber-conflict expert at Johns Hopkins, said the likely effectiveness of the campaign can be compared to Russia’s three-year “Moonlight Maze” hacking of U.S. government targets in the 1990s, including NASA and the Pentagon. An American investigation determined that the height of the stolen documents, if printed and piled up, would be triple the height of the Washington Monument.

In this case, “several stacks of documents from the Washington Monument that were taken from different government agencies is probably a realistic estimate,” Rid said. “How would they use that? They probably don’t know it yet.”

The Trump administration has not said which agencies were hacked. And so far no victims have been reported from the private sector. Traditionally, defense contractors and telecommunications companies have been popular targets among state-backed cyberspies, Rid said.

Intelligence agents often look for the latest in weapons technology and missile defense systems: anything vital to national security. They also develop dossiers on rival government employees, potentially for recruitment as spies.

President Donald Trump’s national security adviser, Robert O’Brien, interrupted a trip abroad to hold meetings on the hack and was to convene a top-level interagency meeting later this week, the White House said in a statement.

O’Brien had planned to return on Saturday and had to abandon plans to visit officials in Italy, Germany, Switzerland and Britain, said an official familiar with his itinerary who was not authorized to discuss it and spoke on condition of anonymity.

Earlier, the White House said a coordinating team had been set up to respond, including the FBI, the Department of Homeland Security and the Office of the Director of National Intelligence.

On Monday, in a briefing for Congressional staff, DHS did not say how many agencies were hacked, a reflection of how little the Trump administration has been sharing with Congress about the case.

Critics have long complained that the Trump administration has failed to address snowballing cybersecurity threats, including ransomware attacks that have affected state and local governments, hospitals and even all the institutes.

“It has been a frustrating time for the last four years. I mean, nothing serious has happened at all in terms of cybersecurity,” said Brandon Valeriano, a Marine Corps University academic and advisor to the Cyberspace Solarium Commission, which was created by Congress to strengthen cyber defenses. “It’s hard to find anything that would move forward.”

Trump eliminated two key government positions: the White House’s cybersecurity coordinator and the head of the State Department’s cybersecurity policy.

Valeriano said one of the few bright spots was the work of Chris Krebs, the head of the Cybersecurity and Infrastructure Agency, whom Trump fired for defending the integrity of the election in the face of Trump’s false claims of widespread fraud.

Hackers infiltrated government agencies by inserting malicious code into commercial network management software from SolarWinds, a Texas company, beginning in March.

The campaign was discovered by cybersecurity company FireEye when it detected that it had itself been hacked (it disclosed the breach on December 8) and alerted the FBI and other federal agencies. Charles Carmakal, a FireEye executive, said he was aware of “dozens of incredibly high targets” infiltrated by the hackers and was helping “various organizations respond to their intrusions.” He would not name any and said he expected many more would learn in the coming days that they too were compromised.

Carmakal said the hackers would have activated the remote access backdoors only on targets they were sure had valuable data. It is manual, demanding work, and moving around networks risks detection.

The SolarWinds campaign highlights the lack of mandatory minimum security standards for commercial software used on federal computer networks. Another example is the Zoom video conferencing software. Its use in federal computer networks was approved last year, but security experts discovered several vulnerabilities exploitable by hackers after federal workers sent home by the pandemic began using it.

Representative Jim Langevin, a Rhode Island Democrat and member of the Cyberspace Solarium Commission, said the breach reminded him of the 2015 Chinese hack of the U.S. Office of Personnel Management, in which the records of 22 million federal employees and government job seekers were stolen.

It highlights the need, he said, for a national cyber director in the White House, a position subject to Senate confirmation. Congress approved this position in a recently passed defense bill.

“In all the different departments and agencies, cybersecurity will never be its main mission,” Langevin said.

Trump has threatened to veto the bill for objections to unrelated provisions.

—-

Associated Press writers Ben Fox, Deb Riechmann and Lolita Baldor in Washington and Matt O’Brien in Providence, Rhode Island, contributed to this report.
