By Alexander Geiger shutterstock.com
It can never be said that Russian hackers are at it again, considering how they’ve never stopped. Their zero bullets approach to world domination is being fought by geeks in bottle-lensed glasses who are the absolute best in the world at what they do.
In 2020 Russian hackers gave the U.S. a much-needed wake-up call when they successfully broke into the servers of several federal agencies. The damage wasn’t extensive though it may have only been a trial run to see how far they could get.
Cybersecurity experts say that over the last few months the hackers have stepped up their attempts at infiltrating government networks in the U.S. and throughout Europe.
According to Charles Carmakal, senior vice president at Mandiant, a large cybersecurity firm involved in international hacking attempts, many of the Russian hacker’s past successes have gone unreported. Multiple worldwide technology firms have had their sensitive files invaded.
He said the Russians make his firm’s job difficult by continually employing new tools, strategies, and techniques. They remain on the cutting edge of diabolical and undetectable software.
“The group has compromised multiple government entities, organizations that focus on political and foreign policy matters, and technology providers that provide direct or indirect access to the ultimate target organizations within North America and Europe,” Carmakal said. Due to security reasons and protocol, he wouldn’t reveal the previously hacked companies.
A U.S. official speaking under the terms of anonymity said the federal government is working diligently to keep up with the hackers and said that “the issue has come up in recent National Security Council meetings.”
This is where a federal contractor by the name of SolarWinds enters the picture. The company manufactured the very software used by Russian hackers to infiltrate nine U.S. federal agencies, and perhaps more.
For months the hackers scoured the unclassified emails of every employee at the Department of Homeland Security and the Department of Justice, among other departments and agencies. They leisurely strolled, undetected.
The federal government, being what it is, wasn’t the one who caught up with the hackers. It was Mandiant’s founding and former parent company, FireEye, a privately owned firm. Who expected less?
The Biden administration offered up its obligatory admonishment of the Russian hackers for their latest bad-boy behavior. It’s their contention that the SVR, Russia’s foreign intelligence service, is behind the most recent attacks. Putin and his pals deny it and say they have no idea what anyone’s talking about.
Embarrassed U.S. Homeland Security Secretary Alejandro Mayorkas had no choice but to go with the obvious when he said the U.S. needs to get better and faster with its cybersecurity defenses. “Our government got hacked last year and we didn’t know about it for months,” he said. It remains to be seen whether or not his watered-down words will gel into actions.
In reference to a new set of security standards set for cyber-crime bounty hunters, Deputy Attorney General Lisa Monaco said the government would use every resource in its possession as “civil enforcement tools to pursue companies — those who are government contractors or receive federal funds — when they fail to follow required cybersecurity standards.”
Monaco’s words look good on paper, but while for some obscure reason civilian cybersecurity firms are the bullseye painted on her target, it was them and not her people who caught the last batch of hackers, standards or not. And as far as SolarWinds, they didn’t intentionally develop software for the sole purpose of the Russians re-writing the code for their own purposes.
Cyber-war is no joke. We may not lose nearly as many lives, but we can certainly lose the country if we don’t win.