- Meet Ralph
- Current Issues
- Serving You
- Emergency Preparedness
- Tele-Town Hall Signup
- Help with a Federal Agency
- Expedited Passports
- Visiting Washington
- Meeting Request
- Service Academy Nomination
- Congressional Commendation
- Appropriations Request
- Flag Request
- Federal Grants
- Congressional App Challenge
- Congressional Art Competition
- Surplus Books
- Internships
- Kids Page
- Media
- Contact
Blog
Five Important Things to Know About Russian Hack
Washington, D.C.,
December 21, 2020
Five (5) important things to know about suspected Russian hacking of U.S. computer systems.
First, this was a MASSIVE breach of the computer networks of multiple U.S. government agencies plus approx. 18,000 companies. It’s likely one of the largest cybersecurity attacks in our history, and when the dust settles it may end up being even more widespread than anyone currently knows.
Second, initial reports indicate that Russia is behind this effort, and over the weekend we learned there could be another state-level actor as well. If there’s an additional adversary, it’s too early to know whether they’ve been acting in coordination with Russia or independently on their own. We’ll know more in the coming weeks and months. Third, if you keep hearing about “SolarWinds” but aren’t sure what that is, it’s the name of a company that provides remote management software for large computer networks. Government agencies and most larger companies use remote management software to help maintain all their computers. SolarWinds is one of several companies that develops this type of software. It’s believed hackers were able to infiltrate SolarWinds and then quietly create a “backdoor” in their remote management software. (Think of a backdoor as a way for hackers to easily access a network while bypassing normal security.) So over time as SolarWinds pushed out software updates, this backdoor was installed on the computer networks of thousands of their clients. Each instance quickly phoned home to the hackers letting them know the network was available to explore and exploit. Fourth, it will take MANY months for investigators and security experts to discover what information has been stolen and unravel all the damage. Most competent hackers try to destroy log files (i.e. electronic records of what they did) and create additional backdoors, in case the first one is discovered and closed. So the fallout and recovery from this will likely take a long time. Fifth and most important, we do NOT yet know whether Russia’s underlying effort here was (A) for espionage / spying, (B) to eventually cause chaos & destruction, or (C) both. Our nation needs to respond to this, and our adversaries must never doubt there will be severe consequences for these types of attacks. But understanding what Russia was trying to accomplish is fundamental to that response. |