Skip to main content

Russia's Hack Wasn't Cyberwar. That Complicates US Strategy

posted onDecember 21, 2020
by l33tdawg
Wired
Credit: Wired

The list of US government agencies compromised in the SolarWinds hack continues to expand, with reports of infiltrations at Treasury, Commerce, Homeland Security, and potentially State, Defense, and the CDC. This is a big deal for national security: It is the largest known data breach of US government information since the Office of Personnel Management hack in 2014, and could give hackers a trove of inside information.

Though the scope of this hack is still being determined, such an extraordinary breach begs a fairly obvious question: Is US cyber strategy working? The US has historically relied on, first, a deterrence strategy and, more recently, the idea of “defend forward” to prevent and respond to malicious behavior in cyberspace. Is a failure of these strategies to blame? The answer (like all things political) is complicated.

First off, it’s important to establish what this hack was. The fact that a purportedly nation-state actor (likely Russia) was able to compromise a third party (SolarWinds) to gain access to an as-yet-unknown number of US government networks and exfiltrate data is a significant espionage achievement. And it illustrates how third-party vendors can provide an avenue for threat actors to conduct espionage campaigns at a scope and scale typically not seen outside of cyberspace.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th