There is an awful irony in the hack of US agencies as part of some 250 networks compromised by Russian hackers last year. Piggy-packing on Orion software used to manage the many computers on a network – made by US firm SolarWinds – these hackers have gained unprecedented and seemingly unlimited access to American secrets.
It was a catastrophic failure of cybersecurity, arguably the greatest cyber hack in modern times. It’s akin to the Allies capturing the Nazi’s cryptography device, the Enigma machine, which allowed them to eavesdrop on German military communications.
Instead of directly attacking the networks themselves, the hackers found a softer target: SolarWinds, which was infamous for its lackadaisical approach to its own security. Based in Austin, Texas, SolarWinds proved to be the weak link that hackers exploited to infiltrate high-profile US agencies, including US Commerce, Treasury, Homeland Security, and Energy Departments. They seemingly had access from October 2019 and unknowingly distributed the Russian-implanted backdoor to some 18,000 Orion customers.
Their outrageous exploits were only uncovered because they hacked – rather embarrassingly – well-known US cybersecurity firm, FireEye. CEO Kevin Mandia said at the beginning of December that their tools for testing client’s security – known as “red team” tools – had been stolen by a state-sponsored “highly sophisticated threat actor”.
Not surprisingly, “the attacker primarily sought information related to certain government customers” he added.
As the month unfolded, the number of compromised victims grew to over 250, according to Microsoft, whose security division tracked the hack and helped shut down the links, with hosting firm GoDaddy, which the compromised computers were smuggling data back to. Microsoft itself was also compromised, it later said.
If World War Three will be fought in cyberspace, then the Russians just won the first battle. It was digital guerrilla warfare, worthy of James Bond. The enemy – in this case the American establishment – didn’t see them coming.
If this was a history of war column, this bold and audacious raid deep into enemy territory would go down in the annals for its sheer daring. Except it was the wrong side’s victory. The old Cold War foe, outdone in the end by the strength of America’s post-war industrial and commercial power – capitalism defeated Communism in that round – and by the leaps of innovation in microprocessors (Intel, Texas Instruments), computer manufacturers (Apple, Dell, HP, Sun) and software companies (Microsoft, Oracle, Adobe, Apple, Google, Facebook). Outclassed and beaten by a superior ideological and economic belief system, and ruined by a perilously low price for oil, the one resource it has in abundance, Russia has struck back with a decisive and embarrassing blow deep into the heart of its old enemy.
Among the many bizarre and baseless statements from thankfully former US President Donald Trump, was that China and not Russia was behind the attack – despite his own officials declaring Moscow’s cyber spies as the culprits.
Chinese companies that have been relentlessly pursued by Trump – including Huawei and TikTok – could be forgiven for smiling into their beers at the irony of being accused of providing a backdoor in its telecoms equipment while Trump’s bizarre bromance with Vladimir Putin prevented him seeing who the real enemy was.
The real damage to American security and the extent to which its secrets have been compromised is still to be determined, and the true extent may never be known.
This article first appeared in the Financial Mail.
