Suspected Russian Cyber Attack Reveals US Security Vulnerability
Security Breach Is Remarkable For Its Level of Sophistication, Impact, and Scope over the US Government
The United States Department of Energy is the most recent agency that has confirmed the alleged news of having a security breach, in an attempt which has been described as the worst hacking incident on the United States government.
The US cyber attack has occurred in the department, which is concerned with the management of the nuclear weapons of the United States, but according to the department, the security of the arsenal was not compromised. Numerous people suspect that the government of Russia is behind the orchestration of the cyber attack, but when confronted, they have denied.
Along with the cyber attack on the United States government, the tech giant firm Microsoft said in a public statement on Thursday that they have also found several malicious software in their system that were entered to gain sensitive data and potentially harm the company.
Along with the United States Department of energy, the commerce and treasury department’s security was also compromised in the US cyber attack today. The sophisticated and complex cyber attack took several months to accomplish a breach, which has been acknowledged by the concerning authorities on Sunday.
Response of the United States government
The President of the United States, Donald Trump, has not yet provided any comments regarding the recent cyber attack on the US government. Meanwhile, the newly elected President Joe Biden has vowed to protect the government of the nation along with making the US cyber attack as a reminder to increase the cyber-security of the country has his top most priority as soon as he joins the Office to start his five-year term.
President Joe Biden stated that they require deterring and disrupting the adversaries of the country from undertaking any complex cyber attack on the government in the first place. To prevent any further attack on the country, the United States needs to take drastic measures, along with imposing high costs on those individuals and organizations that are responsible for these malicious cyber attacks, including in coordination with the nation’s partner countries and allies.
The top cyber agency of the United States, CISA (Cybersecurity and Infrastructure Agency), has provided a public warning stating that addressing the recent US cyber-attack that caused the high-level intrusion is a challenging and extremely complex task and would require some time. Due to the cyber attack, there has been extensive damage to several of the critical infrastructures, along with some of the federal and private agencies that have been compromised, and the damage that has been done poses a grave risk to all sectors.
The cyber attack on the United States was initiated in the month of March this year and required the past few months to be complete as the procedure to hack the US department demands patience along with complex tradecraft and operational security. No information has been made public regarding the data which has been exposed or stolen.
It has been confirmed that the US Department of Energy underwent a security breach, although the malware caused by the cyber attack was only isolated to business networking only. The National Nuclear Security Administration that oversees nuclear weapons under the property of the United States has not been affected by security dysfunction.
Consequences of the cyber hack
According to the newly elected president of the United States, Joe Biden, the complete information has not been compiled together into a thorough report that covers the areas that have been affected by the cyber attack on online security.
It has been reported that the hacking organization has at least monitored the influx of the data by the government departments of the United States, including homeland security, defense, state, commerce, and treasury.
According to CISA, the perpetrators were able to manage the breach of the security firewall using network management software that was developed by SolarWinds, which is a Texas-based information technology firm. Along with the US government software update, more than 18,000 also unknowingly downloaded the malicious update of the software.
As soon as the United States government was informed of the breach caused by the cyber attack, all federal civil agencies immediately removed the software by Solar Wind from their servers, but the damage was already done. Other than Solar Winds, additional vectors have also been accessed for evidence regarding the cyber attack.