The Russia connection

Revelations of Cyberattacks on U.S. Likely Just “Tip of the Iceberg”

Published 28 December 2020

Russian government hackers have infiltrated the computer networks of some of the nation’s biggest corporations, leading defense contractors, and top U.S. government agencies, including those in national security branches, in what security analysts believe is a “very significant” breach. The Russian espionage campaign was “sustained, targeted, far-reaching,” analysts say.

So far, the Department of Homeland Security, parts of the Pentagon, the U.S. Treasury, the Commerce Department, the Centers for Disease Control and Prevention, and the National Institutes of Health are known to have had systems attacked through malware installed on widely used network monitoring software. The software’s ubiquity and the likelihood that the hackers had access for months means there could be many other targets affected, including the National Security Agency.

U.S. officials reportedly only learned of the breach recently after a private cybersecurity firm, FireEye, informed them that some hacking tools had been stolen, according to The New York Times. The breach’s full scope and precise methodology remain unknown, but analysts say its complexity and tradecraft point to Russia’s foreign intelligence service as the likeliest perpetrator.

The Harvard Gazette’s Christina Pazzanese spoke with Paul Kolbe, a former senior CIA official and Russia specialist who now oversees the Belfer Center’s Intelligence Project at Harvard Kennedy School (HKS), and Lauren Zabierek, executive director of the Center’s Cyber Project, to gain a deeper understanding of the cyberattack and a sense of what the U.S. may do next.

Christina Pazzanese: How damaging does this appear to be?
Paul Kolbe: We’re probably seeing the tip of the iceberg right now. What’s clear is that the sophistication, the scope, the depth of this, and how long-lasting it was, how many government and nongovernment entities that it affected, is really significant. If one [means] in bypassing security systems was manipulating or bypassing the two-factor authentication, which many companies and places … use, that would be very significant because that’s a primary defense that financial systems, highly classified systems, systems that organizations are trying to provide extra security use. If they’re finding ways past that, that both increases the potential damage and it carries wider implications than just this specific series of hacks.

It’s a major incident and it’s exceptional in that it’s come out, but it’s not exceptional in terms of the types of activity that happen every day, the types of espionage that are conducted against U.S. government and corporations.