Russian hackers staged their attacks from servers in the US – sometimes using computers in the same town or city as the victims, cybersecurity firm FireEye tells the New York Times.
Why it matters: This allowed the intruders to evade “legal prohibitions for the National Security Agency to engage in domestic surveillance” and “Department of Homeland Security cyber defenses.”
Overtaking quickly: The attack, attributed to Russia, began by attacking the software of IT contractor SolarWinds. By gaining access there, nation-state hackers gained access to information from a variety of high-profile agencies and companies, including the Treasury, Commerce and Homeland Security departments.
- Experts warn the attack could have serious repercussions as it took months, targeted key companies and government agencies and gained access to a wide range of content information, Axios’ Ina Fried reports.
- The attack lasted at least nine months and affected about 250 companies and federal agencies, according to the Times.