So very odd how that weeks after Trump fires the nation's top cybersecurity expert because he won't sign off on Trump's "election fraud" lunacy and leaves the country rudderless on the defending the internet, the US Treasury immediately gets hit by a massive cyberattack that compromised our entire internet infrastructure. I'll give you three guesses as to who's behind this, and the first seven don't count.
The Russian government hackers who breached a top cybersecurity firm are behind a global espionage campaign that also compromised the Treasury and Commerce departments and other government agencies, according to people familiar with the matter, who requested anonymity because of the sensitivity of the matter.
The FBI is investigating the campaign by a hacking group working for the Russian foreign intelligence service, SVR. The group, known among private-sector security firms as APT29 or Cozy Bear, also hacked the State Department and the White House during the Obama administration.
It is not clear what information was accessed.
Reuters first reported the hacks of the Treasury and Commerce agencies Sunday, saying they were carried out by a foreign government-backed group. The SVR link to the broader campaign is previously unreported.
The matter was so serious it prompted an emergency National Security Council meeting on Saturday, Reuters reported.
“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said NSC spokesman John Ullyot. He would not comment on the country or group responsible.
APT29 has been linked to several has attempted to steal coronavirus vaccine research.
The Washington Post reported last week that the Russian hacking group, APT29, breached the cybersecurity firm, FireEye, according to sources familiar with the report.
At Commerce, the Russians targeted the National Telecommunications and Information Administration, an agency that handles internet and telecommunications policy, Reuters reported.
The campaign is said to be quite broad, encompassing an array of targets, including government agencies in the United States and other countries. It has been running for months, one person said.
So to recap, the Russians most likely have the entire set of keys to the US internet infrastructure, and now have the ability to manipulate it as they see fit. Even Trump is scared enough to have an emergency national security meeting over this.
Just in time for basically all the previously secure internet communications in the US to now be open to Moscow and Putin to do whatever he wants to the Biden administration.