
Russian cyberattack on US networks: the real targets and the underestimated level of damage

Observation of the recent cyberattacks on a large number of US networks (many of them related to federal agencies and prominent US corporations), together with the statements of national security officials, leads us to believe that the real scale of the attacks and the damage caused to national security are still unknown.

The matter becomes even more serious if we recall the statement of General Paul Nakasone, the United States’ top cybersecurity official, who claimed that Russian interference in the presidential campaign had been prevented and that Russian online weapons, tools and tradecraft had been identified.

“We’ve broadened our operations and feel very good where we’re at right now,” he told journalists. The reality was just the opposite of what Mr. Nakasone told the nation. The Russians' aim was not election systems and networks: the attack affected more than 250 federal agencies and businesses.

Now we can state that national security was not ready for such a complicated and smart attack. Likewise, we have no clear answer from federal officials as to whether it was simply an espionage operation inside the systems of the American bureaucracy or something more sinister: inserting “backdoor” access into government agencies (the State Department, the Commerce Department, the Energy Department and parts of the Defense Department are among the agencies confirmed to have been infiltrated), major corporations, the electric grid and laboratories developing and transporting new generations of nuclear weapons.

The most disturbing question, which demands an immediate and full answer from the investigative authorities, is why the military’s Cyber Command and the National Security Agency, both of which are run by Gen. Nakasone, and the Department of Homeland Security all failed to detect the start and progress of the Russian cyberattacks. In fact, we have to praise FireEye, a private cybersecurity company, for detecting the cyberattack.

“This is looking much, much worse than I first feared,” said Senator Mark Warner, the ranking member of the Senate Intelligence Committee. “The size of it keeps expanding. It’s clear the United States government missed it.”

The preliminary investigation and interviews with key players investigating what intelligence agencies believe to be an operation by Russia’s SVR intelligence service showed that the number of attacked and breached networks is far more than 250: it is approximately 18,000 (the cyberattack was based on inserting code into network management software made by a Texas company named SolarWinds).

Another key point revealed by the investigation is that the Russian hackers used domestic US servers to carry out their intrusions, taking advantage of the legal prohibitions on the National Security Agency engaging in domestic surveillance and eluding the cyberdefenses deployed by the Department of Homeland Security. This makes us think that the cyberattack became possible not only because of technical issues, but also because of legal ones.

“Early warning” sensors placed by Cyber Command and the National Security Agency deep inside foreign networks to detect brewing attacks did not work at all, which calls for an impartial examination of their shortcomings and for further updates.

To sum up, American society deserves clear and straight answers about what is being done to increase the effectiveness of the US cybersecurity system and how the US government is going to respond to Russia, as there is no way the United States can let this go.

In fact, the United States appears to have succeeded in persuading Russia that an attack aimed at changing votes would prompt a costly retaliation. Still, such persuasion was not effective enough, and to keep its status as world leader the United States has to deliver an immediate and comparable reply to any attack on its national security.
