Russian hackers staged their attacks on servers inside the US – sometimes using computers in the same city or town as the victims, cybersecurity company FireEye tells the New York Times.
Why does it matter: This allowed intruders to evade “legal bans imposed on the National Security Agency to engage in internal surveillance” and evaded “cyber defenses conducted by the Department of Homeland Security.”
Get fast: The attack, attributed to Russia, began with targeting software from IT contractor SolarWinds. Gaining access there allowed national state hackers access to information from a variety of agencies and companies, including the Treasury, Commerce and Homeland Security departments.
- Experts warn of the attack it could have severe repercussions, as it lasted for months, targeted key companies and government agencies and gained access to a wide range of background information, reports Ina Fried of Axios.
- The attack lasted at least nine months and affected about 250 federal companies and agencies, according to the Times.