Apparently he is not content to have penetrated such networks small federal agencies such as the United States Department of State, the Department of Homeland Security and this agency which maintains our nuclear stock, hackers in the “SolarWinds” affair also went after NASA and the Federal Aviation Administration, according to a new report from the Washington Post.
The report arrives shortly after an information session last week when White House national security adviser Anne Neuberger explained that approximately 100 different companies and a total of nine federal agencies had been successfully “engaged” by foreign hackers. The foreign intrusion campaign (probably “of Russian origin,” officials said) is believed to be the largest in U.S. history.
The Neuberger update was the first official account provided by the Biden administration on the extent to which government networks had been breached. At the time of his comments, all but nine of those nine agencies had already been targeted (including: the State Department, DHS, and the departments of Energy, Justice, Commerce, Finance, and the National Institutes of Health). Now, the Washington Post seems to have identified the persecuted. According to the document report:
Last week, Neuberger said the government found that the computer systems of nine federal agencies were compromised. She did not name them, but The Post has confirmed identities with U.S. officials. They include NASA and the Federal Aviation Administration, which had not previously been publicly identified.
It is unknown what kind of access hackers may have had to any agency. Despite this, officials have said that in cases where the gthe excess was breached, all data that was stolen was not classified and operating systems were never accedit. According to reports, NASA told the newspaper that they continue to work with the US cyber agency CISA on “mitigation efforts to protect NASA’s data and network.” We have contacted both NASA and the FAA to comment on them and will update if they respond.
The revelations add little to the overall narrative of “SolarWinds,” but underscore the scope of information gathering operations conducted against U.S. targets by foreign operators. They also evoke speculation about the possible damage that a more disastrous cyber campaign could cause. In fact, it’s not exactly comforting to imagine hackers targeting the federal agency in charge of ensuring the planes don’t crash.
G / O Media may receive a commission
Details of the offenses have continued to appear at a steady pace, as federal investigations into intrusions increase. Since the United States has provisionally blamed Russia for the attacks (some reports have shown China may also be involved), is said to be the administration of Biden preparing sanctions in retaliation.
On Tuesday, the U.S. Senate Intelligence Committee held one of several recent hearings on the issue, with representatives from many of the campaign’s target IT companies (including SolarWinds, Microsoft, FireEye and CrowdStrike). . The hearing provided little new information, but committee chairman Sen. Mark Warner may have better summed up general concerns about “SolarWinds”:
One of the reasons SolarWinds hacking has been of particular concern is that it was not detected by the U.S. government cybersecurity company, or anyone else, until private cybersecurity company FireEye publicly announced that had detected a breach of its own network. Nation-state intruder. A very big question that comes to mind is: if FireEye hadn’t detected this compromise in December … would we still be in the dark today?
That’s a good point. How did this state of national security in the United States fail? Why were hackers allowed to gain as much land as them? We’ll probably have to watch out for that. Officials have said it will likely be so take months to conduct a full investigation.