Years before the coronavirus pandemic, experts repeatedly warned that the United States was not ready for the next major disease outbreak and that another significant outbreak was inevitable. The US political establishment failed to respond, and we are seeing the results today. Similarly, experts have repeatedly warned for more than two decades of the woeful lack of preparation by the federal government to protect and defend the country from cyber espionage. Those alarms have also been ignored, kicked down the road for a future time to confront. Today, with the SolarWinds cyber attack, the US realizes it is the victim of one of the worst cyber breaches in American history.
Descriptions by the Leaders and Experts
The situation is developing, but the more I learn this could be our modern-day, cyber equivalent of Pearl Harbor.
Congressman Jason Crow
Today’s classified briefing on Russia’s cyberattack left me deeply alarmed, in fact downright scared. Americans deserve to know what’s going on.
Senator Richard Blumenthal
The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies.
Tom Bossert, former Homeland Security Advisor
The initial list of victims includes not only government agencies but security and other technology firms as well as non-governmental organizations.
Brad Smith, Microsoft President and General Counsel
What Happened?
The SolarWinds cyberattacks are emerging as the most significant attack on the US government, agencies, and private companies in history. The attack began in March but was only discovered by the security company FireEye in the first week of December. FireEye, which offers security for many parts of the US government and for private companies, disclosed a breach of its own security. The full scale of the attack is still being uncovered. FireEye initially believed the attack was aimed at its own security systems but soon realized it targeted organizations worldwide.
Last week, SolarWinds, which provided security software to tens of thousands of customers in government and business, disclosed it was also attacked. Customers worldwide downloaded the corrupted software from SolarWinds into their networks and opened the door to hackers.
The SolarWinds cyberattack is a “supply chain” attack. Rather than attacking governments and institutions directly, the perpetrators attacked a third-party vendor to those groups. According to filings by SolarWinds to the Federal Trade Commission, as many as 18,000 organizations that downloaded SolarWinds software updates between March and June of this year were exposed.
Russian intelligence has had access to private and sensitive information for six to nine months due to the breach. The full scale of the breach may take years to uncover.
The US Cybersecurity and Infrastructure Security Agency (CISA), a division of Homeland Security, issued an emergency directive last week that all federal civilian agencies immediately disconnect from the breached SolarWinds software. Past breaches have shown such a directive could take an entire year to implement fully, and even then, the hackers may already have breached other software.
The head of CISA was fired by President Trump last month after he stated there was no credible evidence to suggest the 2020 elections were not secure.
Who Did It?
No group has claimed credit for the attack – and they seldom do in the event of cyberattacks. Microsoft, FireEye, SolarWinds, and the US government believe Russia is behind the attack. While making no official statement on the matter, President Trump has suggested via Twitter that China could be the perpetrator. Secretary of State Mike Pompeo countered the President, agreeing with most of the experts and stating that Moscow was behind the attacks.
According to the Associated Press, White House officials prepared a statement Friday naming Russia as the main actor in the attack, but they were ordered not to release the statement.
Russia has denied its intelligence services were behind the attack.
Who Was Hit?
It could be years before we know the full extent to which organizations and institutions were hit by the cyberattack. There will likely be some degree of coverup as powerful US institutions will seek to deprive the attackers of the full sense of victory. We know the following were hit:
- US Treasury
- Department of Homeland Security
- Department of Commerce
- National Institutes of Health
- Department of State
- Parts of the Pentagon
- Microsoft
- …at least 425 of the Fortune 500 Companies
Official Response
President-elect Biden pledged last week to make cybersecurity a key area of focus in his new administration. Many of his predecessors made the same promise but did nothing. The US government has spent tens of billions on cybersecurity defense in recent years. Those efforts did nothing to deter or detect this hack.
Former US Secretary of Defense Leon Panetta warned that cyberattacks on US interests were growing. He added that simultaneous attacks on “critical infrastructure” in the future could result in a “cyber Pearl Harbor.” His warning came in 2012 under former President Obama.
Conclusion
America has heard the warning calls over and over again. The failure to respond is either a failure of competency or a failure of the American system. For the second time in less than a year, the United States has stood paralyzed as a major crisis pummeled its defenses. We are witnessing unprecedented signals of American decline and collapse.