The massive hack of federal government computer networks tied this week to SolarWinds was broader than previously thought, officials acknowledged Thursday.
The extent of the infiltration came into view amid an all-hands-on-deck effort including the FBI, intelligence agencies and cybersecurity officials to find the culprits and stop the damage.
The Cybersecurity and Infrastructure Security Agency issued an alert on Thursday saying that hackers used multiple ways to breach critical networks beyond the malware affecting SolarWinds products, where the attack was first detected.
“CISA has evidence of additional access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” the agency said.
The agency teamed with the FBI and the Office of the Director of National Intelligence to determine what hackers accomplished by breaching SolarWinds, a Texas-based software company that services several government agencies. While the cybersecurity officials’ latest warning does not identify suspects in the hack, Russia is an obvious candidate.
“This is classic Russian probing. And it makes perfect sense as it comes during a time of transition from one administration to the other,” said Brian Boyd, an intelligence analyst who formerly worked with Joint Special Operations Command. “There is no doubt in my mind that they are taking advantage of our ongoing political infighting.”
President-elect Joseph R. Biden said his team was briefed by career public servants examining the hack. He pledged to hold the hackers responsible for their actions.
Mr. Biden also said his administration intended to spend more money on critical infrastructure and develop relationships with the private sector.
The hazy picture of who conducted the hack, and who is responsible for the cybersecurity and intelligence failures that were exploited, spawned several congressional inquiries.
The House Homeland Security and Oversight and Reform committees launched investigations, and the Senate Finance Committee asked for a briefing from the IRS on whether sensitive taxpayer data was compromised.
Cybersecurity professionals worried the political blame game would drown out calls for better cyber defenses.
“What is really frustrating our political society today is the Republicans and Democrats think the Democrats and Republicans are a bigger threat to our nation than the Russians, the Chinese, the Iranians, and North [Koreans] and violent extremists’ organizations,” said David Maxwell, a Foundation for Defense of Democracies senior fellow, in comments circulated via email. “While we conduct partisan warfare, our opponents are conducting political warfare with cyber operations as a critical line of effort.”
Federal cybersecurity officials said they believe the hack began at least as long ago as March of this year. FireEye, a cybersecurity firm and a SolarWinds customer, appears to have been the first to discover the cyberespionage campaign, and it began notifying victims.
FireEye has since worked with Microsoft and GoDaddy to use a software killswitch to disable the hackers’ malware but has not yet found a way to end the full threat posed by the hackers.
• Guy Taylor contributed to this report.
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.