Apple Magazine



Leading technology companies said that a monthslong breach of corporate and government networks was so sophistica­ted, focused and labor-intensive that a nation had to be behind it, with all the evidence pointing to Russia.

In the first congressio­nal hearing on the breach, representa­tives of technology companies involved in the response described a hack of almost breathtaki­ng precision, ambition and scope. The perpetrato­rs stealthily scooped up specific emails and documents on a target list from the U.S. and other countries.

“We haven’t seen this kind of sophistica­tion matched with this kind of scale,” Microsoft President Brad Smith told the Senate Intelligen­ce Committee.

Smith said investigat­ors estimate at least 1,000 highly skilled engineers would have been required to develop the code that hijacked widely used network software from Texas-based SolarWinds to deploy malware around the world through a security update.

“We’ve seen substantia­l evidence that points to the Russian foreign intelligen­ce agency, and we have found no evidence that leads us anywhere else,” Smith said.

U.S. national security officials have also said Russia was likely responsibl­e for the breach, and President Joe Biden’s administra­tion is weighing punitive measures against Russia for the hack as well as other activities. Moscow has denied responsibi­lity for the breach.

Officials have said the motive for the hack, which was discovered by private security company FireEye in December, appeared to be to gather intelligen­ce. On what, they haven’t said.

At least nine government agencies and 100 private companies were breached, but what was taken has not been revealed.

White House press secretary Jen Psaki said this week that it would be “weeks, not months,” before the U.S. responds to Russia.

“We have asked the intelligen­ce community to do further work to sharpen the attributio­n that the previous administra­tion made about precisely how the hack occurred, what the extent of the damage is and what the scope and

scale of the intrusion is,” Psaki said. “And we’re still in the process of working that through now.”

FireEye CEO Kevin Mandia told the Senate that his company has had nearly 100 people working to study and contain the breach since they detected it, almost by accident, in December and alerted the U.S. government.

The hackers first quietly installed malicious code in October 2019 on targeted networks, but didn’t activate it to see if they could remain undetected. They returned in March and immediatel­y began to steal the login credential­s of people who were authorized to be on the network so they could have a “secret key” to move around at will, Mandia said.

Once detected, “they vanished like ghosts,” he said.

“There’s no doubt in my mind that this was planned,” the security executive said. “The question really is where’s the next one, and when are we going to find it?”

Government agencies breached include the Treasury, Justice and Commerce department­s, but the full list has not been publicly released. The president of Microsoft, which is working with FireEye on the response, said there are victims around the world, including in Canada, Mexico, Spain and the United Arab Emirates.

The panel, which also included Sudhakar Ramakrishn­a, the CEO of SolarWinds who took over the company after the hack occurred, and George Kurtz, the president and CEO of CrowdStrik­e, another leading security company, faced questions not just about how the breach occurred but also about whether hacking

 ??  ??
 ??  ??
 ??  ??
 ??  ??
 ??  ??
 ??  ??

Newspapers in English

Newspapers from USA