Russian Cyber Attacks Alarmingly Successful

The Russian attacks infiltrated deep into the American cyber fabric, and damages are still being assessed.

According to United States Senator Jack Reed, it was “the greatest cyber intrusion, perhaps, in the history of the world.” The Russian Cyber Agency, the Foreign Intelligence Service, infiltrated the software of at least 250 federal agencies and companies and had access to sensitive information for upwards of 11 months. Given the speculation since the 2016 election regarding the probability of a Russian attack on U.S. technology, the attack itself was less shocking than how thoroughly successful it was.

A figurative portrayal of foreign hackers focusing in on U.S. vulnerabilities.

A cybersecurity firm called FireEye, not U.S. security agencies, first noticed something amiss in early December 2020. The company has been the first to be called upon by countries and companies whose cyber security had been penetrated by hackers. Companies it has aided in the past include Sony, after the catastrophic attacks by North Korea, as well as Equifax, whose credit card services were breached in an attack thought to have affected half the American public. Likely targeted because of its history of helping victims of hacks, the company noticed that its “tool kit,” or technology used to detect vulnerabilities in cyber systems, had been stolen by what it described as a “nation with top tier defensive capabilities.” The manner of attack and its clandestinity were characteristic of Russian hackers. Senator Mark Warner, Chair of the Senate Intelligence Committee, recognized that if FireEye had not come forward, the U.S. government “may still not be aware of it to this day.”

Subsequent investigation revealed that FireEye was far from the only victim. Fellow cybersecurity agency CrowdStrike also received software subject to manipulation by Russian hackers. Microsoft, the largest software provider in the world, reported that its emails and documents had been compromised and that vulnerabilities in its system had been exploited to gain access to its server. Thousands of internet probed addresses were created to trick Microsoft’s cloud configuration into divulging email passwords and more.

Through the use of such novel hacking techniques, Russia was also able to bypass Einstein, the multibillion-dollar U.S. digital security barrier. U.S. federal agencies including the departments of Treasury, Justice, Commerce, State, Homeland Security, Labor and Energy all suffered breaches. In a few of these cases, the emails of senior officials were viewed by hackers, and important files were accessed.

After infiltrating the Texas-based company SolarWinds, Russian hackers used it as a gateway for all other attacks. Hackers inserted a “backdoor” into SolarWinds' Orion software. This malicious software was implanted in the technology of over a hundred companies and their respective customers through seemingly harmless updates. Once within digital boundaries, hackers could take advantage of discrepancies and little-known defects in a network to jump from one cloud computing site to the next. The sheer sophistication of the attack becomes further apparent upon discovery that 30% of those affected didn’t even use the products of SolarWinds.

SolarWinds reports that its systems were hacked manually, instead of by a computer system.

More investigation into the attack seems only to yield greater uncertainty regarding the methods of infiltration and how far-reaching the attacks were. The two certain details are that Russia was behind the attack, and that the U.S. was unprepared for it. Companies like FireEye are meant to help countries defend against cyber attacks, and Einstein focuses on detecting hacking projects and the parts of the internet where they occurred. However, they failed to prevent such an attack, and there will be grave consequences for consumers and American citizens alike. This has led to a reckoning on the efficacy of the U.S. security forces that protect institutions like elections, as well as the cyber security of tech firms that have millions of customers entrusting them with their personal information daily.

– Alexandra Kluzak
