The most consequential cyber-attack in history just happened. What now?
The recently revealed hack of government networks, believed to have been conducted by Russia, is a historic act of espionage and revealed severe leaks in the U.S.’ cyberdefense, says cryptographer and security expert Bruce Schneier.
The massive hack of government networks that came to light this month is “probably the most consequential cyber-espionage campaign in history,” an industry expert warns.
“I have never seen anything on this scale, for this long period of time, running undetected and penetrating so many high-profile victims,” explained Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike. It was a “spectacularly successful operation.”
The extensive security breach affected the federal Treasury, Commerce and Homeland Security departments, among others. The hackers — believed by many experts to be Russian — piggybacked on software updates pushed out by the company SolarWinds, although the nation’s top cybersecurity agency believes other access points may have also been used.
“Here’s where the Russian [Foreign Intelligence Service] ruined Christmas: the only thing you can do, if you want to be secure, is basically burn your network to the ground and start all over again,” said Bruce Schneier, a security expert and fellow at Harvard University’s Berkman Klein Center for Internet and Society. “It is long, it is hard, it is painful, it is time-consuming; and even then you can’t be sure.”
If there’s a silver lining to all this, Alperovitch said, it’s that the hackers seem to have only been interested in espionage. “If they had done something destructive,” he said, “we would be literally, probably, at war right now — and not a virtual one.”
Must-read stories from the L.A. Times
Get the day's top news with our Today's Headlines newsletter, sent every weekday morning.
You may occasionally receive promotional content from the Los Angeles Times.