Russian hackers staged their attacks on servers within the United States – sometimes using computers in the same city as the victims, cybersecurity company FireEye told the New York Times.
Why it matters: This allowed attackers to escape “legal prohibitions on the National Security Agency from engaging in domestic surveillance” and evade “cyberdefenses deployed by the Department of Homeland Security”.
Update quickly: The attack, attributed to Russia, began with the target of IT contractor SolarWinds’ software. Access there allowed nation-state hackers to access information from a variety of high-profile agencies and companies, including the Treasury, Trade and Homeland Security departments.
- Experts warn of attack it could have serious repercussions, since it lasted for months, targeted important companies and government agencies and gained access to a wide range of substantive information, reports Ina Fried of Axios.
- The attack lasted at least nine months and affected about 250 federal companies and agencies, according to the Times.