America Under Attack: A Massive Security Breach
On December 13, 2020, the U.S. Government announced that it had experienced the most damaging hack in its history. The culprit was a Russian agency named APT29 or Cozy Bear, a branch of the SVR (Russia’s Foreign Intelligence Service). The espionage mission took place worldwide, throughout Europe, Asia, North America and the Middle East. The United States was affected by the plot the most, with many government offices and security agencies getting attacked. Many other countries fell prey to the hacking, including the UK, Canada, Mexico, Belgium, Spain, the UAE and Israel. It is believed that many other countries were affected by this global act of espionage and have yet to ascertain the exact extent to which the hack impacted them.
This enormous hacking job was done through attaching malware (malicious software) to the updated software of the popular software company SolarWinds’ Orion Platform. SolarWinds, an American IT company based in Austin, Texas that helps manage and create companies’ software for networks, systems, and information technology, is extremely popular among government offices in the US and worldwide, as well as among numerous large corporations. Government offices such as the US Treasury Department, the US Department of Homeland Security, as well as many international government agencies, including NATO (the North Atlantic Treaty Organization), and Forbes 500 companies, such as Microsoft, also use the software.
In 2014 and 2015, under the Obama administration, there had been several prior attempts to hack United States security agencies. In 2015 there was even a breach into the email servers of the White House and the Democratic National Convention. The culprit of this act was the same Russian hacking group involved in the most recent attack- the SVR. During this 2015 hack, information was stolen, but none of it was leaked or shared with American enemies. The hacking of the White House and the DNC by the SVR was widely ignored since it was believed that this was a common espionage mission, an act which all countries perpetrate in order to obtain intelligence about allies and enemies alike. However, during the current Russian hacking plot, which may have started as early as March 2020, the SVR has been hacking and stealing information from governments and big businesses globally, a hacking job too large to be ignored.
The US is still attempting to determine just how much information has been stolen and what Russia plans to do with the information. As a result of a hack of this magnitude, the US needs to decide what to do next, and must tread with care. The consequences of this attack can prove to be detrimental to the US. Thomas Bossart, one of outgoing President Trump’s former homeland security advisers, believes that it may take years to mend the damage inflicted by the hacking, and “[the US] must act as if the Russian government has control of all the networks it has penetrated.” The US is now required to reset its security networks and develop new networks that are not connected to any compromised softwares. Additionally, a decision about punishing Russia must be made. Some believe that the US should impose sanctions on Russia in response, others suggest that the US should retaliate through a hacking and leaking operation against Russia of its own, and some believe that the US shouldn’t rush to accuse Russia. Rather, they contend, the US should first investigate and work to establish more proof that Russia is indeed responsible for this plot.
As a result of this attack, the US, along with many other countries and big corporations, are being forced to change and improve their networks’ security. SolarWinds is likely to face legal action for its role in the hack, and the company’s stock is very likely to plunge. As of now, the SVR is seemingly not interested in leaking the information it obtained, but the US needs to stay alert since Russia now holds an exorbitant amount of high end, classified information that can prove detrimental to many countries and businesses, including the US, if released.