EXPLAINER: How bad is the hack that targeted US agencies?
Associated Press

Governments and major corporations worldwide are scrambling to see if they, too, were victims of a global cyberespionage campaign that penetrated multiple U.S. government agencies and involved a common software product used by thousands of organizations.

The malware, affecting a product made by U.S. company SolarWinds, gave elite hackers remote access into an organization’s networks so they could steal information.

“There’s no evidence that this was meant to be destructive,” said Ben Buchanan, Georgetown University cyberespionage expert and author of “The Hacker and The State.” He called the campaign’s scope, “impressive, surprising and alarming.”

Its apparent monthslong timeline gave the hackers ample time to extract information from a lot of different targets.

“If for many months the Americans couldn’t do anything about it, then, probably, one shouldn’t unfoundedly blame the Russians for everything.”

Buchanan, the Georgetown expert, said the hackers were “adept at finding a systemic weakness and then exploiting it quietly for months.”

Supporting the consensus in the cyberthreat analysis community that Russians are responsible are the tactics, techniques and procedures used, which bear their digital fingerprints, said Brandon Valeriano, a Marine Corps University technology scholar.

An advisory issued by Microsoft, which assisted FireEye in the hack response, said it had “delivered more than 13,000 notifications to customers attacked by nation states over the past two years and observed a rapid increase in sophistication and operational security capabilities.”

Associated Press reporter Eric Tucker contributed to this report.