US Department of Energy and National Nuclear Security Administration (NNSA) confirmed that its nuclear system has been breached. They called it the worst cyber attack on US government in history. This department is responsible for managing all nuclear weapons. Cybersecurity and Infrastructure Agency (CISA) reported to media that the hack probably began in March 2020. Skillful attackers demonstrated complex tradecraft according to CISA. They mapped the network patiently without getting detected by US systems. However, the hackers did not compromise the security of the arsenal which is the responsibility of NNSA.
Many US officials suspect that Russia is behind this attack but reportedly the Kremlin denied. It was a very sophisticated attack that was targeting multiple organization for several months. Microsoft also reported that it detected a malicious software in its networks. The Department of Treasury and Commerce also faced security risk in the hack.
Worst Ever Cyber Attack On US Brings Attention To Donald Trump
President Donald Trump kept delaying his response to the attack. This led social media users to bombard the platform with serious allegations against Trump. They hinted that the President might be involved with Russia in an attempt to disrupt or manipulate US nuclear program. However, these allegations are not confirmed yet.
Still, users threw a string of hard-hitting questions against the US President. Trump has praised Russia’s President Vladimir Putin multiple times. He also promoted Russian Vaccine Sputnik V and Americans slammed him for it. People were concerned about why Donald Trump doesn’t ever criticize Putin.
Some opined that Trump is a Russian asset who operated from White House and allowed this attack. This cyber attack on US did not prove deadly but it probably gave away structure of the network. While, Trump’s days in office are numbered, experts believe that external forces are constantly trying to prevent him from ever leaving his seat.
If it is true then malicious attackers might have placed different loopholes and dummies while they were exploring the sensitive network.
It is alarming for many that Trump usually tweets a lot but now he is silent at the most risky hack in the country.
Who Stepped Up In Absence Of The President?
President-elect Joe Biden announced that that cyber-security would be the first priority of his administration. This adds to the list of other urgent decision which he claimed to make on first day as President. He did not exactly point out that it was a Russian attack but assured to fight any adversary that tried to attack US. He promised to impose heavy punishments on malicious attackers while coordinating with its allies.
CISA warned that it is a very challenging and complex process to undo the effects of this intrusion. Reportedly the key infrastructure has been badly damaged and private and federal organizations have been compromised as well. However the agency did not identify what kind of information had been exposed or stolen.
Why US Failed To Respond Properly?
It is going to take a lot of time and effort for the government departments to identify what data is stolen over the course of 7 to 8 months. They would also need to find the location of backdoors in the networks that hackers may have left open for future access. It can result in a catastrophic scenario on the real-world if the US doesn’t fix their digital world soon.
There is not much evidence to claim that if hackers had any intention to activate the nuclear system or sabotage. However, the fears are still there. The event exposed that the US defense system was not able to spot and prevent the hackers.
How Hackers Coordinated This Attack?
Hackers can use their skills and get monitored data from multiple US departments. For this hack they used a network management software, Orion made by SolarWind. It is an IT company based in Texas, US. Attackers added a backdoor in the updates and around 18,000 of Orion’s customers gave them access by downloading those updates. CISA is searching for evidence of access sources others than Orion.
Microsoft reported that more than 40 of its customers also became victim of this cyber attack. These customers include various government agencies, tech companies, NGOs and think tanks. Around 80% of them were US customers, while others were in attacked in Mexico, Canada, Israel, UK, UAE, Spain, and Belgium.