Read on Twitter
New: Inside the deepening crisis consuming the federal govt as agencies scramble to figure out if they've been hacked.
"This is probably going to be one of the most consequential cyberattacks in U.S. history,” a U.S. official told me.
https://www.politico.com/news/2020/12/14/massively-disruptive-cyber-crisis-engulfs-multiple-agencies-445376
"This is probably going to be one of the most consequential cyberattacks in U.S. history,” a U.S. official told me.
https://www.politico.com/news/2020/12/14/massively-disruptive-cyber-crisis-engulfs-multiple-agencies-445376
NSC mtg of Cyber Response Group yielded some progress — govt has a list of hacked agencies, tho more could emerge — but officials still don't know what hackers stole.
"We are in very, very early days," official said, "and there's a sense that...the news is going to get worse."
"We are in very, very early days," official said, "and there's a sense that...the news is going to get worse."
The NSC CRG, following an Obama-era directive, established a Unified Coordination Group to streamline agencies' crisis collaboration.
"We're declaring this a significant cyber event," U.S. official said, using term reserved for crises such as NotPetya.
"We're declaring this a significant cyber event," U.S. official said, using term reserved for crises such as NotPetya.
The NSC will also hold two daily communications meetings to make sure everyone's on same page.
There's no evidence that classified systems have been compromised, but on the other hand, an official told me, "We don't know what has been taken" from unclassified systems.
There's no evidence that classified systems have been compromised, but on the other hand, an official told me, "We don't know what has been taken" from unclassified systems.
Expanding crisis has put new pressure on CISA just as it recovers from Trump's firing of its longtime director.
There are Qs about whether CISA has enough personnel to help the govt recover from this.
“They are overwhelmed,” U.S. official said.
CISA says it's ready.
There are Qs about whether CISA has enough personnel to help the govt recover from this.
“They are overwhelmed,” U.S. official said.
CISA says it's ready.
CISA has roughly 2,200 employees, but only a small portion of them are digital firefighters who swoop into agencies to help respond to crises like this.
“NSA we aren’t,” a CISA employee told me, referring to the gulf b/w the workforces of the defensive and offensive agencies.
“NSA we aren’t,” a CISA employee told me, referring to the gulf b/w the workforces of the defensive and offensive agencies.
There's still a lot we don't know about this crisis.
I'm still working to confirm a few agencies that I've heard have been hacked.
Also, NYT reported today that the govt first learned about all this from FireEye, after it investigated its own breach: https://www.nytimes.com/2020/12/14/us/politics/russia-hack-nsa-homeland-security-pentagon.html
I'm still working to confirm a few agencies that I've heard have been hacked.
Also, NYT reported today that the govt first learned about all this from FireEye, after it investigated its own breach: https://www.nytimes.com/2020/12/14/us/politics/russia-hack-nsa-homeland-security-pentagon.html
"If this actor didn’t hit FireEye, there is a chance that this campaign could have gone on for much, much longer," a FireEye executive told Bloomberg, adding that they "looked through 50,000 lines of source code" to discover the SolarWinds backdoor. https://www.bloomberg.com/news/articles/2020-12-15/fireeye-stumbled-across-solarwinds-breach-while-probing-own-hack
Will leave you with this, from the NYT story:
"Analysts said it was hard to know which was worse: that the federal government was blindsided again by Russian intelligence agencies, or that when it was evident what was happening, White House officials said nothing."
"Analysts said it was hard to know which was worse: that the federal government was blindsided again by Russian intelligence agencies, or that when it was evident what was happening, White House officials said nothing."
Can confirm: NIH and State were breached, per a U.S. official. They join Treasury, NTIA, DHS, and USDA on the list of agencies known to be compromised so far. https://twitter.com/nakashimae/status/1338698953517379589
Readout of last night's CISA briefing for congressional staff, from a staffer:
* Some agencies didn't turn in emergency directive reports on time
* ED led one agency to discover breach ( @snlyngaas first reported)
* Concern about value/efficacy of $6b CDM monitoring program
* Some agencies didn't turn in emergency directive reports on time
* ED led one agency to discover breach ( @snlyngaas first reported)
* Concern about value/efficacy of $6b CDM monitoring program
