Apparently not happy that they have invaded the networks of such poodle federal agencies as the U.S. Department of State, Department of Homeland Security, and that agency maintaining our core inventory, the hackers of the ‘SolarWinds’ affair also went to NASA and the Federal Aviation Administration, according to a new report from the Washington Post.
The report comes shortly afterwards an information session last week when White House National Security Adviser Anne Neuberger explained that about 100 different companies and a total of nine federal agencies had been successfully ‘compromised’ by foreign hackers. The foreign invasion campaign (probably ‘Russian of origin’, as officials put it) is considered the largest in American history.
The Neuberger update was the first official version of the Biden government on the extent to which government networks were broken. At the time of her comments, all but nine agencies had already been set as targets (these include: the State Department, DHS and the Departments of Energy, Justice, Commerce, Treasury and the National Institutes of Health). Now it looks like the Washington Post has identified the hooligans. According to the report of the paper:
Last week, Neuberger said the government found that computer systems at nine federal agencies had been compromised. She did not mention it, but The Post confirmed the identity with U.S. officials. These include NASA and the Federal Aviation Administration, which have not previously been publicly identified.
It is unknown what access the hackers had to one of the agencies. But, officials said that, in cases where the gtakeover was violated, all data stolen was not classified and that operating systems were never obtain. NASA reportedly told the newspaper that it was continuing to work with the US cyber agency CISA on “mitigation efforts to secure NASA’s data and network.” We reached out to both NASA and FAA for comment and will stay tuned if they respond.
The revelations make little contribution to the overall story of ‘SolarWinds’, but underscore the scale of the intel collection operations carried out against US targets by foreign operators. They also raise speculation about the possible damage that a more heinous cyber campaign could cause. It is indeed not very comforting to think that hackers are targeting the federal agency that oversees that planes do not crash.
G / O Media can get a commission
Details of the violations continued at a steady pace as federal investigations into the burglaries increased. As the US blames Russia for the time being for the attacks (some reports have shown China can also be involved) the Biden administration believes the preparation of sanctions in retaliation.
The U.S. Senate Intelligence Committee on Tuesday held one of several recent hearings on the matter, with representatives from many of the IT companies targeted by the campaign (including SolarWinds, Microsoft, FireEye and CrowdStrike). The trial yielded little new information, but committee chairman Mark Warner summed up perhaps the best issues about ‘SolarWinds’ as follows:
One of the reasons why the SolarWinds hack is particularly concerned is that it was not detected by the US government’s cyber security company or anyone else, until the private cyber security firm FireEye publicly announced that it was violating its own network by an Intruder of a ‘nation-state’. A very big question that comes to my mind is: would FireEye not have detected this compromise in December … would we still be in the dark today?
That’s a good point. How did America’s national security state miss this one? Why were the hackers allowed to win as much field as they did? We’ll probably have to sit tight for one. Officials said it was likely to be take months to conduct a full investigation.