Federal authorities have expressed serious concern upon the cybersecurity hack that was detected earlier this week, as it carries great threat to energy networks, the electric grid and even agencies like the Department of Energy.
The hack, believed to be carried out by Russian hackers, infiltrated Solar Winds networks, a Texas-based company; as many federal agencies use Solar Winds software, they got hacked through an update containing a malware called “Sunburst”.
Earlier this Friday, the Department of energy confirmed its networks were among the affected by the malicious update. “At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department,” DOE said in a statement.
As DOE along with the National Nuclear Security Administration (NNSA) are the gatekeepers of the U.S nuclear weapons stockpiles, there was serious concern about it being hacked. DOE denied it and said any of their national security functions, including the NNSA were hacked.
“When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network,” the Department said.
Recommended for you: Alberta gives grants to Canada’s big oil companies for new COVID-19 contractors
The worst hack in U.S. history
President elect, Joe Biden, stated: “We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place. We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”
“There’s a lot we don’t yet know, but what we do know is a matter of great concern,” he concluded.
The exact number of agencies and federal networks impacted by the hack is not yet fully calculated. In late Thursday, Microsoft via a blog post, said it had identified more than forty government agencies, non-governmental organizations and companies infiltrated. It said mainly in the U.S., and mainly tech companies. But entities in Mexico, Canada, the United Kingdom and the United Arab Emirates were some countries among the affected.
“This is not ‘espionage as usual,’ even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world,” Microsoft said.
Some U.S. energy utilities were too among the affected. According to cybersecurity firm Dragos, there are some industrial entities hacked, although their identity has not yet been disclosed, nevertheless, as many energy organizations around the world use Solar Wind software, the number of companies damaged could be higher than expected. For some, this is the most severe cyber-attack in the U.S. history.