Dec 18, 2020 - Technology

Cyberhack looks like act of war

U.S. folder being accessed

Illustration: Sarah Grillo/Axios

A Trump administration official tells Axios that the cyberattack on the U.S. government and corporate America, apparently by Russia, is looking worse by the day — and secrets may still be being stolen in ways not yet discovered.

The big picture: "We still don't know the bottom of the well," the official said. Stunningly, the breach goes back to at least March, and continued all through the election. The U.S. government didn't sound the alarm until this Sunday. Damage assessment could take months.

Microsoft President Brad Smith told the N.Y. Times that at least 40 companies, government agencies and think tanks had been infiltrated.

  • The hack is known to have breached the departments of Defense, State, Homeland Security, Treasury, Commerce, and Energy and its National Nuclear Security Administration — plus the National Institutes of Health.
  • 8 countries: Microsoft, which has helped respond to the breach, said in a statement that 80% of its 40 customers known to have been targeted are in the U.S., plus others in U.K., Israel, UAE, Canada, Mexico, Belgium and Spain.

In unusually vivid language for a bureaucracy, the U.S. Cybersecurity and Infrastructure Security Agency, part of Homeland Security, said yesterday that the intruder "demonstrated sophistication and complex tradecraft."

  • The agency said the breach "poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations."

If this had been a physical attack on America's secrets, we could be at war.

  • Imagine if during the Cold War, the Soviet Union had broken into a building in Washington and walked out with correspondence, budgets and more.
  • Sen. Chris Coons (D-Del.) told Andrea Mitchell on MSNBC: "It's pretty hard to distinguish this from an act of aggression that rises to the level of an attack that qualifies as war. ... [T]his is as destructive and broad scale an engagement with our military systems, our intelligence systems as has happened in my lifetime."

The gravity wasn't immediately apparent because this wasn't the "cyber Pearl Harbor" that experts have warned about: No one took out a power grid, or stole a bunch of money or destabilized the markets.

  • Instead, it's more like someone has been walking in and out of your house for months, and you don't really know what they took.
  • And they may have built a secret door. "For someone to have access that long, who's this sophisticated, it's pretty likely they built other ways to get in that are hard to find," one official told me.

What's next: President Trump has stayed silent on the hack, meaning that President-elect Biden's overflowing in-box now includes Russian reprisal, damage mitigation and future deterrence.

  • Promising to impose "substantial costs" on the perpetrator, Biden said in a statement that his administration "will make cybersecurity a top priority": "I will not stand idly by in the face of cyber assaults on our nation."
Go deeper