February 23, 2021

NASA and the Federal Aviation Administration were among the nine federal agencies targeted in a major cyberattack allegedly carried out by Russia against the United States last year, The Washington Post reported Tuesday. It's been known that several agencies — including the departments of State, Justice, Treasury, Energy, Commerce, and Homeland Security, as well as the National Institutes of Health — were compromised, but NASA and the FAA were not previously identified. Neither agency confirmed or denied the report.

More generally, the Post reports, the Biden administration is still progressing toward sanctions and other measures to punish Russia, while also strengthening the attribution statement the intelligence community released in January that said the Kremlin was "likely" behind the attack. White House officials reportedly told the Post the response will focus on more than just the one attack and convey the message that Moscow has been behind hostile cyberattacks against the U.S. and its allies for years. Read more at The Washington Post. Tim O'Donnell

January 2, 2021

In public, American officials have said they do not believe Russia's SVR intelligence agency "pierced" classified systems and stole sensitive communications and plans during an alleged cyberattack on what may have been hundreds of networks in the United States, The New York Times reports. But privately, per the Times, those same officials reportedly say they still aren't sure exactly what was or was not taken.

There are concerns that the SVR — which the U.S. intelligence agency and Secretary of State Mike Pompeo are confident was behind the breach, despite President Trump suggesting China may have been involved instead of Moscow — was able to get its hands on delicate, albeit unclassified information from victims like the Federal Energy Regulatory Commission. For example, it's reportedly possible the hackers accessed Black Start, the detailed technical blueprints for how the U.S. would restore power if there was a major blackout. If that was indeed the case, Russia would theoretically have a list of systems it could target to keep power from turning back on.

The Times report sheds more light on the cyberattack, which may not be fully understood for months or even years. Some of the revelations include the fact that the hack appears to have been much broader in scope than originally thought and that the hackers "managed their intrusion from servers inside" the U.S. by "exploiting legal prohibitions on the National Security Agency." Read more at The New York Times. Tim O'Donnell

December 20, 2020

A recently discovered cyberattack, believed to have been carried out by a hacking group linked to Russia's S.V.R intelligence agency, will be at the top of President-elect Joe Biden's agenda when he enters the Oval Office, and he'll have to find a response that is strong enough to impose "high economic, financial, or technological cost on the perpetrator" while also avoiding escalating conflict with Moscow, a person familiar with Biden's thoughts on the subject, told Reuters.

Biden's transition team didn't respond to Reuters' request for comment, but analysts suggested a few potential paths the new administration could take. "I would think, at the bare minimum, imposing sanctions against the S.V.R would be something that the U.S. government should consider," said Edward Fishman, an Atlantic Council fellow who worked on Russia Sanctions in the Obama administration's State Department.

Fishman and James Andrew Lewis, a cyber security expert at the Center for Strategic and International Studies, also suggested sanctions against Russian state companies and the businesses run by Russian oligarchs with links to President Vladimir Putin could send a more hardline message. And Lewis theorized the strongest option could be cutting Russia off from the SWIFT international bank transfer and financial messaging system, which would prevent Russian companies from processing payments to and from foreign customers.

Whatever Biden chooses to do, Lewis argued, it shouldn't just be "symbolic," but instead should let the Russians know "we're pushing back." Read more at Reuters. Tim O'Donnell

December 19, 2020

Secretary of State Mike Pompeo on Friday said the "wiser" course for President Trump would be to refrain from commenting on the alleged Russian cyberattack which targeted several U.S. federal agencies and companies. But the president didn't completely follow that advice Saturday, when he expressed his views on the matter over Twitter.

Trump broke with the consensus by suggesting that China, not Russia, may have been the perpetrator, and that the urge to blame Russia stems from the media's fixation on Moscow as an antagonist. He didn't outright accuse Beijing or dismiss the possibility of the Kremlin's involvement, but the ambiguity of his comments is a departure from U.S. intelligence agencies and Pompeo himself, who said Russia was "pretty clearly" behind the incident.

The president also worked in another unfounded allegation of voter fraud, hinting that the cyberattack could have led to a hit on U.S. voting machines, costing him the election. There is no evidence to support any of those claims.

The comments were viewed by some as one more example of Trump's reluctance to potentially anger Russian President Vladimir Putin, a frequent criticism hurled at him throughout his time in the White House. Tim O'Donnell

December 19, 2020

Secretary of State Mike Pompeo said Friday night during an appearance on the Mark Levin Show that "we can say pretty clearly that it was the Russians that engaged" in a recently discovered cyberattack that breached dozens of federal agencies and companies. He added that while "we're still unpacking precisely" what happened, "this was a very significant effort," marking a slight change in tone for the secretary who had previously suggested the hack may not have been out of the ordinary.

The New York Times notes that Pompeo is the first member of the Trump administration to suggest the Kremlin was behind the attack, even after intelligence agencies have told Congress they suspect Russia's own elite intelligence agency, the S.V.R, was behind it. Russia has denied involvement.

President Trump has yet to address the issue, and Pompeo told Levin that he may keep quiet during the investigation. "I saw this in my time running the world's premier espionage service at the CIA," he said. "There are many things that you'd very much love to say, 'Boy, I'm going to call that out,' but a wiser course of action to protect the American people is to calmly go about your business and defend freedom." Read more at NBC News and The New York Times. Tim O'Donnell

March 23, 2018

The Department of Justice has charged nine Iranians in a major hacking conspiracy that targeted American universities and government agencies. The Trump administration on Friday announced criminal indictments against the alleged hackers, who were involved in "massive, coordinated cyberintrusions" at the behest of the Islamic Revolutionary Guard Corps, an intelligence-gathering arm of the Iranian government.

Also Friday, the Treasury Department announced sanctions against 10 Iranians, in tandem with the DOJ's indictments. Nine of the sanctioned individuals were the nine indicted Friday, who are "leaders, contractors, associates hackers-for-hire or affiliates" of the Mabna Institute, an Iranian company accused of working with Tehran to steal more than 31 terabytes of intellectual property and data in what officials called a "significant, malicious" attack. The 10th individual was indicted in November for involvement in hacking HBO computer servers.

The stolen data was "one of the largest state-sponsored hacking campaigns" ever, officials said, affecting at least 300 universities worldwide, 144 of which were in the United States. The Department of Labor, the United Nations, and the states of Hawaii and Indiana were also targeted, a DOJ announcement stated.

The revealed cyberattacks "should send a message around the world about Iran's continued deceptive practices," said Sigal Mandelker, the Treasury Department's undersecretary for terrorism and financial intelligence, "but it should come as no surprise."

Those sanctioned will have American assets frozen and will be blocked from traveling to more than 100 countries at risk of being extradited to the U.S. Read more at The Washington Post. Summer Meza

June 27, 2017

A massive worldwide cyberattack is causing disruptions from Spain to India, with Ukraine the heaviest hit and the apparent initial target, The Independent reports.

The attack is the biggest in Ukraine's history, affecting everything from the banks to the electricity grids and metro. Ukraine's prime minister called the attack "unprecedented," but clarified that "vital systems haven't been affected."

Ukraine has faced a history of cyberattacks or hacking attempts in the past several years. The country has blamed such attacks, including one on its power grid in 2015, on Russia, The Guardian reports. Russia has denied the charges.

Abroad, other companies, including Russia's Rosneft oil company and the Danish shipping company AP Moller-Maersk, have also reported being hacked. Security experts believe the virus is a variant of the "Petya" ransomware and are already likening the attack to the WannaCry ransomware attack in May, which infected an estimated 230,000 computers in more than 150 countries.

Some already fear the Petya attack could be even bigger than the WannaCry attack. Jeva Lange

See More Speed Reads