Massive cyberattack was waged from within US, top cybersecurity firm says
Thomas Catenacci, DCNF
The hackers behind the major cyberattack against several federal government agencies used computers within the U.S., according to the cybersecurity firm FireEye.
The massive cyberattack was conducted using servers and computers within the U.S. and often from within the same town or city as the victims of the attack, FireEye told The New York Times. Because the attack came from domestic servers, the perpetrators were able to evade the National Security Agency’s (NSA) authority, which does not extend to domestic private sector networks.
“[Russia’s Foreign Intelligence Service (SVR)] is deliberate, they are sophisticated, and they don’t have the same legal restraints as we do here in the West,” former government intelligence analyst Adam Darrah told The Times.
The extent of the cyberattack, meanwhile, is now estimated to be much larger than originally expected, according to The Times. It is now expected that Russian actors accessed about 250 U.S. networks, including Fortune 500 companies and several government agencies such as the Department of Homeland Security, the Treasury Department and the National Nuclear Security Administration.
“We still don’t know what Russia’s strategic objectives were,” Suzanne Spaulding, a former DHS cybersecurity official, told The Times.
“But we should be concerned that part of this may go beyond reconnaissance,” she continued. “Their goal may be to put themselves in a position to have leverage over the new administration.”
Officials have privately acknowledged that it remains unknown how much sensitive data the hackers obtained, according to The Times. They fear that the hackers could have accessed and obtained the official U.S. plan for restoring power during a potential future nationwide blackout.
“The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control,” President Donald Trump tweeted on Dec. 19.
Trump added that China may have conducted the attack in a follow-up tweet.
However, Secretary of State Mike Pompeo and then-Attorney General William Barr both acknowledged that Russian hackers perpetrated the attack.