It was clear from the start that a cyberattack by suspected Russian hackers aimed at several US government agencies was going to be bad. One clue: US National Security Adviser Robert O’Brien cut short a trip overseas to rush back to Washington to help manage the crisis.
On Thursday, the reality of just how sprawling — and potentially damaging — the breach might be came into sharper focus.
It started with a bulletin from the US Cybersecurity and Infrastructure Security Agency (CISA), warning that the hackers were sophisticated, patient and well-resourced, representing a “grave risk” to federal, state and local governments, as well as critical infrastructure and the private sector.
Bloomberg News reported that at least three state governments were hacked, which followed reports of other breaches: the city network in Austin, Texas, and the US nuclear weapons agency. Software giant Microsoft Corp also said its systems were exposed.
The US Department of Energy and its National Nuclear Security Administration, which maintains the country’s nuclear stockpile, said that the malware was isolated to business networks and did not affect national security functions.
Nonetheless, the effect of the revelations was confirmation that no single person or agency is certain of exactly what the hackers had infiltrated, let alone the full extent of what was taken.
US president-elect Joe Biden interrupted a series of high-profile appointment announcements to weigh in.
“I want to be clear: My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office,” Biden said.
So far, US President Donald Trump has not commented on the attack.
The hackers installed what is known as a backdoor in widely used software from Texas-based SolarWinds Corp, whose customers include myriad government agencies and Fortune 500 companies.
That malicious backdoor, which was installed by 18,000 SolarWinds customers, allowed the hackers access to their computer networks.
US authorities — and governments around the world — are only now beginning to uncover who was unlucky enough to receive the hackers’ full attention.
Microsoft said it detected the backdoor in SolarWinds’ software in its “environment” and had “isolated and removed” it.
The company said that none of its customer data nor its products were accessed or used to further attacks on others.
In a blog post, Microsoft said it had identified more than 40 customers that the hackers had “targeted more precisely and compromised,” including “security and other technology firms,” think tanks and government contractors, in addition to government agencies.
BUSY DAY: The same day the USS ‘Barry’ passed through the Strait, Taiwan was ending its Han Kuang military exercises, while China said it conducted an exercise near Taiwan A US Navy ship on Friday sailed through the Taiwan Strait, marking the ninth time a US military vessel has transited the Strait since US President Joe Biden took office in January. The USS Barry, an Arleigh Burke-class guided-missile destroyer, conducted a “routine” transit through the Strait, the US Navy said in a statement, adding that the journey through international waters was conducted “in accordance with international law.” “The ship’s transit through the Taiwan Strait demonstrates the US’ commitment to a free and open Indo-Pacific,” the US Navy said. “The United States military flies, sails and operates anywhere international law allows.” The Ministry
CLOSED FOR DISINFECTION: Two of the three local cases were linked to a cluster infection at a kindergarten, while the other case works at a McDonald’s restaurant The Central Epidemic Command Center (CECC) yesterday reported three new local COVID-19 infections and 11 imported cases, but no deaths. The local cases are two men and a woman aged between 20 and 80 who reside in Taipei, New Taipei City and Taoyuan, the CECC said in a news release. Two of them are linked to a cluster infection at a kindergarten in New Taipei City’s Banciao District (板橋), said Centers for Disease Control Deputy Director-General Chuang Jen-hsiang (莊人祥), who is the CECC’s spokesman. He said they are both associated with the mother of a kindergarten student, who was earlier confirmed to have
BIOLOGICAL AGENT: A containment exercise was held in southern Tainan, in response to a mock assault where troops were assumed to be attacked by bioweapons The live-fire component of this year’s annual Han Kuang military exercises, Taiwan’s major war games involving all military branches, began yesterday morning and is to run until Friday to test the armed forces’ capability to fend off a Chinese invasion. The 37th edition of the annual event officially began after the Ministry of National Defense’s Joint Operations Command Center, also known as the Hengshan Command Center, announced the initiation of the five-day live-fire drills. Yesterday’s drills were focused on testing the military’s preservation and maintenance of combat capabilities in the event of a full-scale Chinese invasion. As part of the drills, air force
WELCOME BACK: Foreign spouses or minor children of Taiwanese can now directly apply for a visa with representative offices overseas, the CECC said Regulations on applications for entry to the nation by foreign spouses or minor children of Taiwanese have been relaxed effective immediately, the Central Epidemic Command Center (CECC) said yesterday, as it reported two new local and three imported cases of COVID-19. Deputy Minister of the Interior Chen Tsung-yen (陳宗彥), deputy head of the center, said the relaxation meant that such applications would be treated as general cases, instead of special ones that are reviewed on a case-by-case basis. “Considering the recent local COVID-19 situation and the needs of foreign spouses and children to visit their family in Taiwan, we are allowing Taiwan’s