Russian SolarWinds hackers were so ‘sophisticated’ that they even targeted DHS cybersecurity experts
Although the Soviet Union ended in 1991 and Russia hasn't had a communist government in 30 years, the United States has found itself in a new and different Cold War — one in which the adversary, Russian President Vladimir Putin, is a right-wing authoritarian rather than a communist and his allies use technology to attack the U.S. government. And according to reporting by CNN published on April 2, Russian hackers in the SolarWinds breach of 2020 even targeted cybersecurity experts working in the U.S. Department of Homeland Security.
CNN reporters Zachary Cohen, Alex Marquardt and Geneva Sands explain, "After infiltrating U.S. government computer networks early last year as part of the SolarWinds data breach, Russian hackers then turned their attention to the very people whose job was to track them down. Over the course of a few months, as U.S. officials remained unaware of the breach, hackers identified a handful of key cybersecurity officials and analysts who would be among the first to respond once the hack was detected — so-called 'threat hunters' — and attempted to access their e-mail accounts, according to two sources familiar with the matter."
The fact that those Russian hackers "knew which working-level cybersecurity analysts at the Department of Homeland Security to go after," the CNN journalists report, underscores their sophistication and demonstrates that they have a "much deeper understanding of U.S. cyberdefenses than was previously known."
Cedric Leighton, a former National Security Agency official, told CNN, "It appears as if the Russian SolarWinds hackers possess granular information on personnel and who among them is likely to be involved in investigating the SolarWinds hack. This could mean that networks have been penetrated to a degree we've not known before. If that's true, we need a complete housecleaning of all our defensive cyberoperations."
The fact that the SolarWinds hack occurred in the first place is troubling enough, but the Russian hackers were so technologically sophisticated that they were even able to target specific DHS cybersecurity experts.
Former Acting DHS Acting Undersecretary Chris Cummiskey told CNN, "What this does is it shows a level of sophistication in terms of targeting those who are working actively to prevent the attacks from either occurring or expanding. And so, that is different than what you're seeing in past cyberattacks…. The level of sophistication is problematic because they're actually going after people that they see as more valuable; so, it shows a sense of prioritization."