Apparently, not content to have penetrated the networks of such insignificant federal agencies such as the US Department of State, the Department of Homeland Security and that agency that keeps our nuclear stockpile, hackers in the “SolarWinds” case also harassed NASA and the Federal Aviation Administration, according to a new report from the Washington Post.
The report comes shortly after a briefing last week when White House national security consultant Anne Neuberger explained that approximately 100 different companies and a total of nine federal agencies have been successfully “compromised” by foreign hackers. The foreign intrusion campaign (probably of “Russian origin”, as the authorities said) is considered the largest in the history of the United States.
The Neuberger update was the first official account provided by the Biden government about the extent to which government networks were breached. At the time of his comments, all nine agencies, except two, had already been publicized as targets (include: the Department of State, DHS and the Departments of Energy, Justice, Trade, Treasury and National Institutes of Health). The Washington Post now appears to have identified the stragglers. According to the newspaper report:
Last week, Neuberger said the government found that the computer systems of nine federal agencies were compromised. She did not quote them, but The Post confirmed the identities with American officials. They include NASA and the Federal Aviation Administration, which have not been publicly identified.
It is not known what type of access hackers may have had to any of the agencies. Yet, officials said that in cases where the ggovernment was violated, all stolen data has not been classified and operating systems have never been accessed. NASA told the newspaper that it continues to work with the US cyber agency CISA in “mitigation efforts to protect NASA’s data and network”. We contacted NASA and the FAA for comment and will update if they respond.
The revelations add little to the overall SolarWinds narrative, but underline the scope of intelligence-gathering operations conducted against American targets by foreign operators. They also evoke speculation about the potential damage that a more nefarious cyber campaign can do. In fact, it’s not exactly comforting to imagine hackers targeting the federal agency in charge of making sure the planes don’t crash.
G / O Media can receive a commission
Details of the breaches continued to emerge at a steady pace, as federal investigations into the invasions increased. Since the US tried to blame Russia for the attacks (some reports showed that China may also be involved), the Biden administration is preparing sanctions in retaliation.
On Tuesday, the US Senate Selected Intelligence Committee held one of several recent hearings on the subject, with representatives from many of the IT companies targeted by the campaign (including SolarWinds, Microsoft, FireEye and CrowdStrike). The hearing yielded little new information, but committee chairman Senator Mark Warner may have better summarized the general concerns about “SolarWinds” as follows:
One of the reasons why the SolarWinds hack has been of particular concern is that it was not detected by the US government’s multi-billion dollar cybersecurity company, or anyone else, until private cybersecurity firm FireEye publicly announced that it had detected a breach of its own network by an “nation-state” Intruder. A big question hovering in my mind is: if FireEye hadn’t detected this compromise in December … would we still be in the dark today?
It’s a good point. How did America’s national security state lose this? Why were hackers allowed to gain as much ground as they were? We will probably have to wait for that. Officials said they probably take months to conduct a thorough investigation.