Russia’s SolarWinds Hack – WSJ
You know a security breach is bad when no one in government wants to talk about it. That appears to be the case with what is being called a Russian cyber attack on at least six U.S. cabinet-level departments that has come to light in the last week.
U.S. officials briefed on the breach are telling reporters that it appears to have begun when hackers broke into the systems of
, a private company that contracts with U.S. agencies, defense contractors and other corporations. SolarWinds isn’t saying much, and neither are the feds.
But reports say the departments of State, Treasury, Homeland Security, Energy, Commerce and the National Institutes of Health were compromised. These agencies contain countless secrets and data that could be useful to an adversary. The Energy Department supervises many of America’s nuclear weapons facilities, and Treasury monitors global terror financing.
Some reports say no classified information was compromised, but more disconcerting is that no one seems to know for sure. U.S. officials still don’t know the extent of the cyber breach, how long the hackers have had access to U.S. systems, or how they were able to go undetected for so long. The U.S. has spent tens of billions on cyber defenses in a project known as Einstein, yet it appears to have been the cyber equivalent of France’s Maginot Line on the German border in 1940.
has said nothing, which is not his habit. Some Democratic politicians have expressed horror after briefings, but they can’t be trusted about anything related to Russia and the Trump Administration.
team will no doubt make this a priority, and it could help public confidence by convening a group of experts who have security clearances and credibility with both parties to discover what happened, the extent of the damage, and how better to deter cyber attacks.
denies Russian involvement, which he always does. But if the Russians are behind the hack, the U.S. will have to respond with more than a tut-tut protest or by indicting a few hackers in Moscow who will never be extradited.
Adversaries in the digital age have the ability to extend their malevolent reach deep into the American homeland. Like hijackings in the 1980s and terror attacks in the 1990s, cyber attacks like this will keep happening as long as there is no cost to their state sponsors.
Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
Appeared in the December 19, 2020, print edition.
Read from the Source link