Billions spent on U.S. cyberdefenses failed to detect giant Russian hack
Over the past few years, the U.S. government has spent tens of billions of dollars on cyberoffensive capabilities, building a giant war room at Fort Meade, Maryland, for U.S. Cyber Command, while installing defensive sensors all around the country — a system named Einstein to give it an air of genius — to deter the nation’s enemies from picking its networks clean, again.
It now is clear that the broad Russian espionage attack on the U.S. government and private companies, underway since spring and detected by the private sector only a few weeks ago, ranks among the greatest intelligence failures of modern times.
Einstein missed it — because the Russian hackers brilliantly designed their attack to avoid setting it off. The National Security Agency and the Department of Homeland Security were looking elsewhere, understandably focused on protecting the 2020 election.
The new U.S. strategy of “defend forward” — essentially, putting American “beacons” into the networks of its adversaries that would warn of oncoming attacks and provide a platform for counterstrikes — provided little to no deterrence for the Russians, who have upped their game significantly since the 1990s, when they launched an attack on the Defense Department called Moonlight Maze.
Something else has not changed, either: an allergy inside the U.S. government to coming clean on what happened.
The national security adviser, Robert C. O’Brien, cut short a trip to the Middle East and Europe on Tuesday and returned to Washington to run crisis meetings to assess the situation, but he and his colleagues have done whatever they could to play down the damage.
Asked Tuesday whether the Defense Department had seen evidence of compromise, the acting defense secretary, Christopher C. Miller, said, “No, not yet, but obviously looking closely at it.” Other government officials say that is trying to turn ignorance about what happened into happy spin — it is clear the Defense Department is one of many government agencies that made extensive use of the software that Russia bored into.
At the very moment in September that President Vladimir Putin of Russia was urging a truce in the “large-scale confrontation in the digital sphere,” where the most damaging new day-to-day conflict is taking place, one of his premier intelligence agencies had pulled off a sophisticated attack that involved getting into the long, complex software supply chain on which the entire nation now depends.
So far, and it is early yet, the hack appears to be limited to classic espionage, according to a person briefed on the matter.
The Russians have denied any involvement. The Russian ambassador to the United States, Anatoly I. Antonov, said there were “unfounded attempts by the U.S. media to blame Russia” for the recent cyberattacks, in a discussion hosted by Georgetown University on Wednesday.