Russia’s Hacking Frenzy Is a Reckoning

This week, several major United States government agencies—including the Departments of Homeland Security, Commerce, Treasury, and State—discovered that their digital systems had been breached by Russian hackers in a months-long espionage operation. The breadth and depth of the attacks will take months, if not longer, to fully understand. But it's already clear that they represent a moment of reckoning, both for the federal government and the IT industry that supplies it.


As far back as March, Russian hackers apparently compromised otherwise mundane software updates for a widely used network monitoring tool, SolarWinds Orion. By gaining the ability to modify and control this trusted code, the attackers could distribute their malware to a vast array of customers without detection. Such "supply chain" attacks have been used in government espionage and destructive hacking before, including by Russia. But the SolarWinds incident underscores the impossibly high stakes of these incidents—and how little has been done to prevent them.


"I liken it to other types of disaster recovery and contingency planning in both the government and the private sector," says Matt Ashburn, national security engagement lead at the web security firm Authentic8, who was formerly chief information security officer at the National Security Council. "Your whole goal is to maintain operations when there’s an unexpected event. Yet when the pandemic started this year, no one seemed prepared for it, everyone was scrambling. And supply chain attacks are similar—everyone knows about it and is aware of the risk, we know that our most advanced adversaries engage in this type of activity. But there has not been that concerted focus."

The recriminations came soon after the attacks were revealed, with US senators Ron Wyden (D-Oregon) and Sherrod ..
