This past month has seen the announcement of two extensive data breaches by a highly skilled and organized team of hackers, including the hacking of US agencies. FireEye, a cybersecurity firm that helps organizations find weaknesses in their data systems, was the first to reveal that it had been hacked and that the tools it uses to test clients’ systems had been taken. A few days later, it was revealed that several US government agencies, and up to 18,000 organizations total, had been breached by the same group.
As more and more of our data, both sensitive and mundane, is stored digitally, hacking, whether by unaffiliated groups or by other nation-states, becomes an ever-greater threat. As individuals, we worry about our social security number, bank account information, or identity being stolen. As a country, we worry about sensitive information about our infrastructure and governmental systems being compromised. And with a presidential election this year in the US, the safety of the country’s governmental systems was of particular concern.
In this hacking incident, the perpetrators used a third party, SolarWinds, to breach the security of 18,000 organizations. Using what is known as a “supply chain attack,” the hackers were able to hide their malware in a software update in March, thereby bypassing the security of SolarWinds’ clients. In a small bit of good fortune, because this hack required the perpetrators to spy on each target manually, their reach was limited to 18,000 of SolarWinds’ 300,000 customers, a customer base that includes the US government among others.
The Effects of the US Agencies Hack
As of now, we only know that the hackers were able to steal FireEye’s tools and access the emails of employees of the National Telecommunications and Information Administration for several months. It is believed that the hackers were able to breach systems of the Department of Homeland Security, the State Department, the National Institutes of Health, and the Treasury Department, though this has yet to be confirmed. Given that a breach of this magnitude requires a large-scale investigation, it could be several years before we learn the full extent of the damage done.
Cybersecurity is, and will increasingly become, a matter of individual, organizational, and national importance. It’s imperative that we learn how to protect our information and institutions from those who would cause harm. If you are interested in learning more about cybersecurity, its major challenges, and recent advancements, check out Applied Data Science & Machine Learning for Cyber Security by Charles Givre, coming soon to the Ai+ Training Platform.