The Treasury Department and Iowa State University are working together in dealing with the breadth of a security problem known as the SolarWinds Russian hack. It is named after a Texas-based company used as a staging ground for an espionage campaign so widespread that specialists say we're only starting to comprehend who was affected and what was stolen. The Treasury aims to know how many senior officials' email accounts were watched. Iowa State has neutralized servers to check whether hackers got in.
More likely, tens of thousands of private organizations and remarkably every primary government agency have been working anxiously to see whether they've been affected by the supposed Russian hacking campaign and, if so, how much access the hackers had. Experts say it looks like the largest Russian hack campaign in the U.S.
It's not rare for companies or government agencies to suffer security breaches, but this campaign has drawn concerns and comparisons to China's 2014 hack of the U.S. Office of Personnel Management, which held practically all the private information of government employees, including secret agents. The SolarWinds Russian hack is unique in its scope, though: it is potentially the largest spying operation against the U.S. in history, and it ran unnoticed for nine long months, according to some experts.
Sergio Caltagirone, the vice president of threat intelligence at Dragos, a cybersecurity company, said, "The issue is we don't know how big this is, and at the same time it could be the biggest ever." Dragos, led by Caltagirone, assists industrial and manufacturing businesses in dealing with the Russian hacking campaign and its outcome.
The cybersecurity company FireEye, the federal departments of Commerce, Energy and Treasury, and only a handful of other organizations have acknowledged having been significantly affected. But Caltagirone said the cybersecurity industry is mindful of "a little over 200" compromises, with the number all but guaranteed to grow.
Caltagirone further said, "Most organizations still lack the basic visibility to even assess whether they were compromised or not. We know we are undercounting the victims here. We know that for a fact."
The campaign is so all-encompassing because the Russian hackers pulled off a textbook "supply-chain attack." Rather than breaking into individual organizations with robust cybersecurity measures, the hackers breached the Austin, Texas-based SolarWinds, a company with an enormous customer base. The hackers are widely believed to be Russia's SVR intelligence agency, although most Trump-appointed officials and supporters have openly pointed the finger only at Russia.
SolarWinds delivers software that helps large organizations manage their computer systems, and it is accordingly trusted to be in those networks without raising alarms. In March, the hackers are believed to have embedded malicious code into the company's regular software updates, the company and a government investigation found, making those updates a potential back door into any of the company's customers.
Unlike some of Russia's noisier agencies, like the FSB, which is accused of poisoning Russian revolutionists, or the GRU, which dredges up and leaks material to mock Russia's opponents, the SVR is known for its systematic, long-term intelligence-gathering actions.
At the moment, SolarWinds has said in a report to the Securities and Exchange Commission that it has already informed 33,000 customer organizations that they had been infected. Beyond that, it could narrow the supposed number of actual victims only to under 18,000.