BOSTON (AP) — Some of America’s most deeply held secrets may have been stolen in a disciplined, monthslong operation being blamed on elite Russian government hackers. The possibilities of what might have been purloined are mind-boggling.
Could hackers have obtained nuclear secrets? COVID-19 vaccine data? Blueprints for next-generation weapons systems?
It will take weeks, maybe years in some cases, for digital sleuths combing through U.S. government and private industry networks to get the answers. These hackers are consummate pros at covering their tracks, experts say. Some theft may never be detected.
U.S. government agencies, including the Treasury and Commerce departments, were among dozens of high-value public- and private-sector targets known to have been infiltrated as far back as March through a commercial software update distributed to thousands of companies and government agencies worldwide. A Pentagon statement Monday indicated it used the software. It said it had “issued guidance and directives to protect” its networks. It would not say — for “operational security reasons” — whether any of its systems may have been hacked.
On Tuesday, acting Defense Secretary Chris Miller told CBS News there was so far no evidence of compromise.
In the months since the update went out, the hackers carefully exfiltrated data, often encrypting it so it wasn’t clear what was being taken, and expertly covering their tracks.
Thomas Rid, a Johns Hopkins cyberconflict expert, said the campaign’s likely efficacy can be compared to Russia’s three-year 1990s “Moonlight Maze” hacking of U.S. government targets, including NASA and the Pentagon. A U.S. investigation determined the height of the documents stolen — if printed out and piled up — would triple the height of the Washington Monument.
In this case “several Washington Monument piles of documents that they took from different government agencies is probably a realistic estimate,” Rid said. “How would they use that? They themselves most likely don’t know yet.”
The Trump administration has not said which agencies were hacked. And so far no private-sector victims have come forward. Traditionally, defense contractors and telecommunications companies have been popular targets with state-backed cyber spies, Rid said.