What You Should Know About the Cyberattack Against the U.S.A


More news on the massive cyberattack that hit the U.S. this year is likely to come out in the week ahead. Today, more senators have come out to say Russia was behind the attack.

Here’s a recap of what has transpired so far.

On Dec. 13, the New York Times broke a story about the administration of U.S. President Donald Trump admitting that several governmental bodies, including the Pentagon, and the Treasury and Commerce departments, had been broken into by hackers, acting on behalf of a foreign government, possibly Russia.

The story quickly received national attention and raised questions about the effectiveness of security systems inside the government. More details came out the next day: the Times reported that the hackers used “sufficient tools” and that the attack hit a lot of companies and organizations.

Microsoft Corporation (NASDAQ: MSFT) President Brad Smith said that a review by the company of the attack revealed that more than 40 companies around the world were targeted, 80% of which were U.S. companies. Other countries included the U.K., Belgium, Israel, Canada, Mexico, the U.A.E. and Spain.

While the primary targets were governmental bodies, companies that worked with governments, think tanks, and information and tech companies were also hit.

Hackers broke into Texas-based network management software company SolarWinds Corp (NYSE: SWI), which works with data related to U.S. government agencies and major corporations, and inserted malicious code that gave them access when someone downloaded a SolarWinds update.

About 18,000 customers downloaded the software update, with the malicious code giving the hackers direct access to their systems, according to CNBC.

Microsoft was one of the companies hacked.

“We have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data,” the software giant said in a statement to CNBC, adding that there was as yet “no indication” that the data accessed by the hackers was “used to attack others.”

While investigations by different agencies are still ongoing, President-elect Joe Biden has already made a statement about toughening measures against state sponsors of cyberattacks during his term, CNBC reported on Dec. 17.

“We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place. We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” Biden said.

CISA, a governmental agency responsible for cybersecurity, said that it is looking into other possible victims of the incidents and potential platforms, other than SolarWinds, that might have been involved, as most of them have not yet been identified.

Russia denies any involvement with the hackers or the attack. Russian President Vladimir Putin’s spokesperson Dmitry Peskov said Russia has “nothing to do with this.”

“Even if it is true, there have been some attacks over many months, and the Americans managed to do nothing about them, possibly it is wrong to groundlessly blame Russians right away,” he told Russian news agency Tass.

Notably, the Russian president today thanked the Foreign Intelligence Service — the same outfit that some international cyber researchers believe was behind the attack — for doing the “exceptionally important” job that it does “for protecting the country,” Reuters reported.

“I expect that the Foreign Intelligence Service will continue to respond flexibly to the highly changeable international context, actively participating in identifying and neutralizing potential threats to Russia, and improving the quality of its analytical materials.”

The scope of the damage from the attack is not expected to be known for a long time, perhaps years, some cybersecurity analysts estimate.