What's Known About The Latest Hack Of Government Agencies
MARY LOUISE KELLY, HOST:
In Washington, President Trump keeps pressing baseless claims that his opponents broke into election systems and manipulated votes. However, he has yet to comment on what appears to be a very real hack of U.S. government computer networks, a hack that is just now coming to light. The number of government agencies compromised is growing by the day, and Russia is the strongly suspected culprit. For more, we've called on NPR national security correspondent Greg Myre.
GREG MYRE, BYLINE: Hi, Mary Louise.
KELLY: So the White House may not want to talk about it, but this has all the hallmarks of a major espionage operation. Will anyone in the U.S. government talk about it?
MYRE: Not in any detail. And all the signs suggest the government really was blindsided here. The national security community made this huge effort to prevent election interference, and it seems they were pretty successful on that front. But no one seemed to notice that the hackers were present and digging into U.S. government computers for months.
And since this story broke on Sunday, the government is addressing it in a very minimal way. Some departments, including the Department of Homeland Security, have acknowledged that computers were breached, but there's been absolute silence from the White House. The government hasn't accused anyone, but cyber analysts say the signs all point to Russia's foreign intelligence service, the SVR, because of the highly sophisticated nature of the attack.
KELLY: And do we know - you said highly sophisticated. Do we know how widespread this hack has been?
MYRE: Well, it's very widespread. And according to the self-reporting by some government agencies and the media accounts, the hackers got into email systems at the Commerce Department, State Department, Treasury, Pentagon, National Institutes of Health. And there's almost certainly others we haven't yet heard about. So it's a very broad attack. That much seems clear. We don't know how deep. Was this routine email, or was it involving classified systems that are harder to get to? Now, I spoke about this with Glenn Gerstell. He was the general counsel at the National Security Agency for five years before stepping down this year.
GLENN GERSTELL: It's as if you wake up one morning and suddenly realize that a burglar has been going in and out of your house for the last six months. And you'd have to go back and look at every room to see what was taken, what might have been touched. And, of course, that's just a horrifying thought.
KELLY: Horrifying indeed. And it also, Greg, seems to raise questions for the NSA and for others as to how these hackers were able to carry out such a massive intrusion and go undetected for months and months.
MYRE: Yeah. Mary Louise, you know those - that little note you sometimes get when you log onto your computer? It says your software has been updated, maybe by some company you've never heard of. Well, that's apparently what happened here.
The case revolves around SolarWinds, a tech company from Austin, Texas. It's not widely known outside the industry, but they work extensively with the government and with many private companies. And they provide these periodic software updates, and they sent out these seemingly routine updates in March and June to about 18,000 customers. The hackers apparently placed their malware on these software updates. And this is what gave them access to all these government and company computer systems.
KELLY: It's just - I mean, it's just mind-blowing. Let me just summarize what you have just told us. You just said 18,000 customers and government departments and private companies may have been hacked, that this has been going on for months and, again, that no one in the government or at these companies seems to have noticed until the last few days.
MYRE: That's right. SolarWinds said it provided this 18,000 figure of customers. They said the good news is they think the hackers are focused on a few small targets. The bad news is that they probably focused on the most valuable targets. It's going to take a long time to figure it out, and that's exactly what Glenn Gerstell was telling me.
GERSTELL: But it is going to be a many month-long process. It is painstaking work to determine exactly what level of penetration there was, what might have been taken, what files may have been accessed in the vast computer system around the world.
MYRE: And there's no real playbook about how to respond, so that's going to be the tough question when we get to the end of all this.
KELLY: All right. Thank you, Greg.
MYRE: My pleasure.
KELLY: NPR's Greg Myre. Transcript provided by NPR, Copyright NPR.