By BRIAN CONTRERAS
The massive hack of government networks that came to light this month is “probably the most consequential cyber-espionage campaign in history,” an industry expert warns.
“I have never seen anything on this scale, for this long period of time, running undetected and penetrating so many high-profile victims,” explained Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike. It was a “spectacularly successful operation.”
The extensive security breach affected the federal Treasury, Commerce and Homeland Security departments, among others. The hackers — believed by many experts to be Russian — piggybacked on software updates pushed out by the company SolarWinds, although the nation’s top cybersecurity agency believes other access points may have also been used.
“Here’s where the Russian [Foreign Intelligence Service] ruined Christmas: the only thing you can do, if you want to be secure, is basically burn your network to the ground and start all over again,” said Bruce Schneier, a security expert and fellow at Harvard University’s Berkman Klein Center for Internet and Society. “It is long, it is hard, it is painful, it is time-consuming; and even then you can’t be sure.”
If there’s a silver lining to all this, Alperovitch said, it’s that the hackers seem to have only been interested in espionage. “If they had done something destructive,” he said, “we would be literally, probably, at war right now — and not a virtual one.”
No comments:
Post a Comment