The attack is believed to have been carried out by the Russian foreign intelligence service known as the SVR. Russia has denied involvement.
On December 19, President Donald Trump downplayed the threat of a massive hack that affected several federal agencies in the United States.
The hack came through a backdoor vulnerability in a software update from SolarWinds, an IT management company.
In addition to federal agencies, thousands of companies worldwide also use SolarWinds’ Orion software. Nearly 18,000 of its customers received the vulnerable update between March and June of this year. Federal agencies affected include the Commerce Department, the Department of Homeland Security, the Pentagon, the US Postal Service and the National Institutes of Health.
On Thursday, the US Cybersecurity and Infrastructure Security Agency (CISA) published a statement declaring the hack a “grave risk” to local, state and federal governments, as well as private organizations.
The attack is believed to have been carried out by the Russian foreign intelligence service known as the SVR. Russia has denied involvement.
“Hackers employed by nation states are a different breed,” said Steven Ostrowski, a senior director at CompTIA, an IT education organization, in a statement to TMS. “They can and will play the long game. They don’t go away because they have no fear of recrimination even if detected. Nation states simply deny their existence and move on.”
Since Thursday, US intelligence agencies have begun briefing members of Congress, including members of the Senate Armed Services Committee. The Republican Chairman of the committee, James Inhofe of Oklahoma, and the top Democrat on the committee, Jack Reed of Rhode Island, issued a joint statement Thursday saying the hack “appears to be ongoing and has the hallmarks of a Russian intelligence operation.”
Throughout the initial news of the hack, President Trump remained silent. He made his first public comments on the matter through a pair of tweets on Saturday, where he downplayed the threat of the hack. He also contradicted the statements of several Congressmen and his own Secretary of State by making the baseless claim that “it may be China” responsible for the hack instead of Russia.
In the same set of tweets, the president also stated without evidence that the hack “could also have been a hit on our ridiculous voting machines during the election.”
Trump’s claims run counter to a joint statement issued by national, state and private election officials last month that “The November 3rd election was the most secure in American history.”
“This software is not even used on voting machines,” said Perry Toone, an IT strategist, to TMS.
“The hack really doesn’t mean much for the everyday person and their data. This is a national security hack conducted by a nation-state (Russia) and focused on high-value targets/data.”
SolarWinds has said it will cooperate with the Federal Bureau of Investigation (FBI), the US intelligence community and other investigating agencies trying to learn more about the malware, its victims and its effects. The company said that any affected customers should update their software to the latest version to protect themselves.
“There’s a lot that’s still unknown about the operation, who was compromised, and what data or secrets were stolen,” Toone said, “and the fact that it went unnoticed for nine months tells us that this story is far from over.”
Have a tip or story? Get in touch with our reporters at [email protected]
