It seems that he is not satisfied with having penetrated the networks of such piddling federal agencies as the US State Department, Department of Homeland Security and that agency maintaining our nuclear stock, the hackers of the SolarWinds business also went after NASA and the Federal Aviation Administration, according to a new report from Washington Post.
The report comes shortly thereafter a briefing last week when White House National Security Adviser Anne Neuberger explained that about 100 different companies and a total of nine federal agencies had been successfully “compromised” by foreign hackers. The foreign intrusion campaign (probably “of Russian origin”, as officials claimed) is considered to be the largest in US history.
The Neuberger update was the first official account provided by the Biden administration on the extent to which government networks were breached. At the time of his comments, all but two of the nine agencies had already been exceeded as targets (these include: the State Department, DHS and the Departments of Energy, Justice, Commerce, Treasury, and National Institutes of Health). Now, the Washington Post seems to be identifying its owners. According to the paper report:
Last week, Neuberger said the government found that the computer systems of nine federal agencies were compromised. She did not name them, but The Post confirmed identities with US officials. These include NASA and the Federal Aviation Administration, which have not been previously publicly identified.
It is not known what kind of access the hackers could have had at any of the agencies. In any case, officials said that in cases where government was violated, all the data that was stolen was unclassified and that the operating systems were never accessed. NASA reportedly told the newspaper that it was continuing to work with the US cyber agency CISA on “mitigation efforts to secure NASA’s data and network.” I have contacted both NASA and the FAA for comments and we will update if they respond.
The disclosures add little to the overall narrative of “SolarWinds”, but highlight the scope of information gathering operations conducted against US targets by foreign operators. They also raise speculation about the potential damage a more damaging cyber campaign could cause. Indeed, it is not very comforting to imagine hackers targeting the federal agency tasked with ensuring that planes do not crash.
G / O Media may receive a commission
Details of the violations continued to appear at a steady pace as federal intrusion investigations grew. As the US has temporarily blamed Russia for the attacks (some reports have shown China may also be involved), it is said that the Biden administration is preparation of sanctions in retaliation.
On Tuesday, the US Senate Selection Committee held one of several recent hearings with representatives of many IT companies targeted by the campaign (including SolarWinds, Microsoft, FireEye and CrowdStrike). The meeting provided little new information, but the chairman of the committee, Senator Mark Warner, may best summarize the general concerns about “SolarWinds” as follows:
One of the reasons the SolarWinds hack was particularly worrying is that it was not detected by the US government’s billion-dollar cybersecurity company or anyone else, until private cybersecurity firm FireEye publicly announced that detected a breach of its own network by a “nation-state” intruder. A very important question that comes to mind is: if FireEye hadn’t detected this compromise in December … would we still be in the dark today?
That’s a good point. How did the US state of national security miss this? Why were hackers allowed to gain as much ground as they did? We’ll probably have to get along for this. Officials said it probably will take Monday to conduct a full investigation.