Communications of the ACM
Scope of Russian Hack Becomes Clear: Multiple U.S. Agencies Were Hit
About 18,000 private and government users downloaded a tainted software update that gave Russian hackers a foothold into victims systems, according to the company whose software was compromised.
Credit: Brendan Mcdermid/Reuters
The scope of a hack engineered by one of Russia's premier intelligence agencies became clearer on Monday, when some Trump administration officials acknowledged that other federal agencies — the State Department, the Department of Homeland Security and parts of the Pentagon — had been compromised. Investigators were struggling to determine the extent to which the military, intelligence community and nuclear laboratories were affected by the highly sophisticated attack.
U.S. officials did not detect the attack until recent weeks, and then only when a private cybersecurity firm, FireEye, alerted American intelligence that the hackers had evaded layers of defenses.
It was evident that the Treasury and Commerce Departments, the first agencies reported to be breached, were only part of a far larger operation whose sophistication stunned even experts who have been following a quarter-century of Russian hacks on the Pentagon and American civilian agencies.
About 18,000 private and government users downloaded a Russian tainted software update — a Trojan horse of sorts — that gave its hackers a foothold into victims' systems, according to SolarWinds, the company whose software was compromised.
From The New York Times
View Full Article
No entries found