SolarWinds hackers also went after NASA and the FAA


Apparently not content with penetrating the networks of such clumsy federal agencies as the US State Department, the Department of Homeland Security, and that desk which maintains our nuclear stockpile, the hackers of the “SolarWinds” affair also went after NASA and the Federal Aviation Administration, according to a new report from the Washington Post.

The report comes shortly after a briefing last week in which White House National Security Adviser Anne Neuberger explained that about 100 different companies and a total of nine federal agencies had been successfully “compromised” by foreign hackers. The foreign intrusion campaign (probably “Russian in origin,” as officials have put it) is considered the largest in US history.

The Neuberger update was the first official count provided by the Biden administration of the extent to which government networks had been breached. At the time of her comment, all but two of the nine agencies had already been identified (including the State Department, DHS, and the Departments of Energy, Justice, Trade, Finance, and the National Institutes of Health). Now the Washington Post appears to have identified the laggards. According to the newspaper’s report:

Last week, Neuberger said the government found computer systems at nine federal agencies had been compromised. She didn’t name them, but The Post has confirmed the identities with US officials. They include NASA and the Federal Aviation Administration, which have not been previously made public.

It is not known what kind of access the hackers had in either instance. However, officials have said that, in cases where the government was breached, all the data that was stolen was unclassified and operational systems were never reached. NASA reportedly told the paper that it is continuing to work with the US cyber agency CISA on “mitigation efforts to secure NASA’s data and network.” We’ve reached out to both NASA and the FAA for comment and will update as they respond.

The revelations add little to the general “SolarWinds” story, but underscore the scale of the intelligence-gathering operations being carried out by foreign operators against US targets. They also spark speculation about the possible damage a nefarious cyber campaign could do. Indeed, it is not very reassuring to imagine hackers targeting the federal agency responsible for keeping planes from crashing.

Details about the breaches continue to emerge at a steady pace as federal investigations into the intrusions ramp up. Because the US has provisionally blamed Russia for the attacks (some reports have shown that China may also be involved), the Biden administration is reported to be preparing retaliatory sanctions.

On Tuesday, the US Senate Select Committee on Intelligence held one of several recent hearings on the matter, with representatives from many of the IT companies targeted by the campaign (including SolarWinds, Microsoft, FireEye and CrowdStrike). The hearing yielded little new information, but the chairman of the committee, Senator Mark Warner, perhaps best summed up general concerns about “SolarWinds” as follows:

One reason the SolarWinds hack is particularly concerning is that it was not detected by the multimillion-dollar U.S. government cybersecurity firm, or anyone else, until private cybersecurity firm FireEye publicly announced that a breach of its own network by a “Nation State” intruder had been discovered. A really big question that comes to mind is, if FireEye hadn’t discovered this compromise in December … would we be in the dark today?

It’s a good point. How did the US National Security State miss this? Why were the hackers allowed to gain as much ground as they did? We will probably have to wait for that. Officials have said it is likely to take months to conduct a full investigation.