Opinion: As Russian Hacking Grows, U.S. Needs Counterplan

The apparent reach of Russian cyberattacks is hitting new levels with Washington stumbling to contain it and a post mortem look at a government hack that's turning up a much bigger intrusion.

At least 200 organizations, including government agencies and companies around the world, have been hacked as part of a suspected Russian cyberattack, according to a cybersecurity firm and three people familiar with ongoing investigations. (Pop Nukoonrat/Dreamstime/TNS)
(TNS) — The apparent reach of Russian cyber sleuthing is hitting new levels with Washington stumbling to contain it. The evidence is coming in a post mortem look at a hack of top government agencies that's turning up as a much bigger intrusion into Washington's computer links.

What was originally thought to be a containable problem is turning into the opposite. Suspected Russian hackers are delving into a much wider world of official programs, protective systems and software operating in the business world.

It's not clear what the outsiders, strongly suspected to be Moscow's top foreign intelligence service, are up to. The probing at issue may just be exploratory, a way to find weaknesses to exploit later. Or the effort may have left malware to wreak havoc when triggered. But the approach is cleverly designed to exploit gaps in this country's defenses.

By hitting software firms, not the government agencies themselves, the hackers are trying a new tactic. Washington's encircling cyber defenses can be dodged and subverted via a business world backdoor. It gets worse: Overseas alarm bells set up by the National Security Agency didn't spot the problem, and a costly detection system known as Einstein didn't work.

The results were finally discovered by CrowdStrike and FireEye, a pair of cyber security firms, and Microsoft, which spotted the invaders. That spread the issue of online subversion to a new level as these private companies are drawn in as targets. The hacking probes can jump from these sources to their customers and on and on. It's especially troubling that FireEye, which sells cyber protection tools and has extensive federal contracts, was itself invaded by hackers.

A major starting point is believed to be SolarWinds, a tech firm that sells remote information technology to firms around the world. By tapping into that company's software, the hackers could burrow into its clients as well. That allowed Moscow to use servers in the U.S. not normally monitored by foreign-focused detection systems.

The sound from the Trump White House is crickets. Apparently there's no need to bring up Russian hacking when it conflicts with the plainly untrue presidential denials about prior election interference. For the record, Moscow denies any involvement or knowledge. That makes the security issue another problem to plop on Joe Biden's desk come Jan. 20.

The probes burrowed into the likes of the Treasury Department, Homeland Security and National Institutes of Health. That's a reach that touches vital areas such as financial controls, border security and health research, including work on the viral pandemic.

The next steps to counter the problem aren't simple. Private firms, especially those peddling cyber protection, need to be more watchful. For example, former employees at SolarWinds said security was lax, a problem usually blamed on the expense that vigilance brings. If companies can't vouch for the security of their products, then the government needs to dump them and find better ones.

Even that action may not do the job. Cyber spying is a back-and-forth game. There may be arms treaties and codes of conduct, but none of that applies to cracking into computer systems, raiding secret files or copying scientific data. Presumably Washington is at it as well, shown by a plan that disrupted Iranian nuclear weapons work in 2010.

The espionage game will surely continue on a new but unfamiliar battlefield. That makes it all the more important for the next president to expect stronger defenses, not morning-after explanations of damaged security.

(c)2021 the San Francisco Chronicle. Distributed by Tribune Content Agency, LLC.