It might be hard to see in the midst of Donald Trump’s daily assault on U.S. democracy, but America’s enemies are still out there and still up to no good.
Now there’s word that hackers backed by the Russian government have breached the U.S. Treasury and Commerce Departments, specifically the office that sets internet and telecommunications policy. A Saturday report from Reuters suggests that the hackers found their way in using the department’s “office software,” Microsoft Office 365.
The “highly sophisticated” hackers, who were confirmed to be Russian state agents in a subsequent Washington Post story, were reportedly able to trick the authentication controls governing Microsoft’s productivity suite, which includes software like Word, Excel, and the email app Outlook. U.S. officials believe the hackers were watching staff emails at the National Telecommunications and Information Administration for months.
The WaPo story suggests that the effort “may amount to an operation as long-running and significant as one that occurred in 2014-2015.” It also notes that the breach occurred through the network management system called Solar Winds, making no mention of the Office 365 factor. It’s entirely possible that both platforms served as a way in for the hackers.
As if that’s not terrible enough, there are concerns that the hackers were able to infiltrate other U.S. government offices as well. Both reports note that the investigation is in its early stages, and that officials across multiple agencies are working to suss out the full scope of the breach.
As far as nefarious acts go, the reports only mention email monitoring — though that’s certainly a major security risk on its own. Word of the breach, which was seemingly just discovered, prompted a Saturday meeting at the White House for the National Security Council.
The news comes weeks after Donald Trump unceremoniously fired Christopher Krebs, the now-former director of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Krebs received his walking papers after asserting, in his official capacity, that 2020’s election was among the most secure in modern history.
That result of course flies in the face of Trump’s continued insistence that the 2020 election was rigged, despite the absence of any evidence to support the contention, and almost 60 failed attempts to overturn the election using the U.S. judiciary. In fact, Trump lost decisively to President-elect Joe Biden, and his efforts to change the result have subsequently led to repeated losses in court.
Neither report mentions Krebs or election security, but the former U.S. official’s dismissal seems noteworthy here. How much more quickly might government agencies have reacted if the country’s cybersecurity chief hadn’t been forced to waste his time wading through the political firestorm set off by a president who won’t accept objective reality? How much did his firing more than a month ago affect the DHS’s ability to keep the federal government’s computer systems secure?
UPDATE: Dec. 13, 2020, 5:48 p.m. EST Updated with additional information from the Washington Post story.