US agencies, companies secure networks after huge hack
WASHINGTON (AP) — U.S. government agencies and private companies rushed Monday to secure their computer networks following the disclosure of a sophisticated and long-running cyber-espionage intrusion that experts said almost certainly was carried out by a foreign state.
It was not yet clear who was responsible for the intrusion, though it was reportedly conducted by Russia, and the extent of the damage is not yet known. The potential threat was significant enough that the Department of Homeland Security’s cybersecurity unit directed all federal agencies to remove compromised network management software and thousands of companies were expected to do the same.
What was striking about the operation was its potential scope as well as the manner in which the perpetrators managed to pierce cyber defenses and gain access to email and internal files at the Treasury and Commerce departments and potentially elsewhere. It was stark evidence of the vulnerability of even supposedly secure government networks, even after well-known previous attacks.
“It’s a reminder that offense is easier than defense and we still have a lot of work to do,” said Suzanne Spaulding, a former U.S. cybersecurity official who is now a senior adviser to the Center for Strategic and International Studies.
The campaign came to light when a prominent cybersecurity firm, FireEye, learned it had been breached. FireEye would not say who it suspected, though many experts quickly suspected Russia given the level of skill involved, and alerted that foreign governments and major corporations were also compromised.