Today's D Brief: Feds scramble amid biggest hack in years; COVID vaccine arrives; NDAA passes over veto threat; Electors vote today; And a bit more.

The U.S. government was hit with a seemingly new kind of cyber attack (or "intrusion") that gave hackers access to sensitive email systems possibly as early as March. The attack was only discovered this weekend, according to Reuters, whose cybersecurity reporter Chris Bing broke the story Sunday afternoon. And its discovery was “so serious it led to a National Security Council meeting at the White House on Saturday,” Bing reports. 

Rewind: You may remember last week the cybersecurity firm FireEye announced that it had been hacked by an unknown “nation-state.” The new discovery of these federal-level breaches is the result of FireEye’s post-attack forensics, which you can read in full, here

Known targets (so far) include the U.S. Treasury and Commerce Departments, according to the Wall Street Journal. Those targets appear to have been hit thanks to a malicious software update apparently secretly injected into Orion technology management software products from the Austin-based network-management firm SolarWinds. The New York Times described it as “one of the most sophisticated and perhaps largest hacks in more than five years.” 

In other words, this appears to be a potentially wide-scale “supply chain hack,” which are quite difficult operations that can require many months of planning and long-game strategizing to align the right personnel and skill sets for just the right opportunity. And it’s all very serious because by noon today, every federal agency that uses SolarWinds products must shut it down — and submit a “completion report” to the Department of Homeland Security. 

Atop the list of likely culprits: Russia’s foreign-intelligence service, according to the Journal. “Hackers believed to be working for Russia” is how Reuters describes the suspects. “[A]lmost certainly a Russian intelligence agency,” the Times reports. (For the record, Russia’s foreign ministry says the allegations are unsubstantiated. More from Russian state-sponsored media, here.)

SolarWinds says its customers include all five branches of the U.S. military, the Pentagon, State Department, NASA, NSA, the Postal Service, NOAA, the Department of Justice, and the Office of the President of the United States. They also serve more than 400 of Fortune’s top 500 companies, including Lockheed Martin, as well as “All five of the top five US accounting firms,” “All ten of the top ten US telecommunications companies,” and “Hundreds of universities and colleges worldwide.”

"This is a much bigger story than one single agency," one person familiar with the matter told Reuters. "This is a huge cyber espionage campaign targeting the U.S. government and its interests."

On the bright side, FireEye officials told the Journal “the attacks weren’t like a worm that automatically attacks different systems and that, instead, each individual attempted intrusion required ‘meticulous planning and manual interaction.’”

What now? Every single federal civilian agency needs “to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately,” the Cybersecurity and Infrastructure Security Agency said in an emergency alert Sunday evening. Meanwhile, multiple federal agencies are investigating. And that includes the FBI and FireEye. 

Don’t be surprised if that target list grows substantially — beyond the Treasury and Commerce departments — over the next several days, prominent infosec specialists Dmitri Alperovitch and Jake Williams told the Associated Press. More here

For your ears only: Go back in time to review the history of cyberwarfare with the last episode in our three-part podcast series from the summer of 2019. In it you’ll learn, at least in part, how Alperovitch’s own professional history parallels some of Russia and China’s biggest and most impactful hacks in the 21st century. Grab your headphones and start listening here


From Defense One

US Embassies Were Hit with High-Power Microwaves. Here’s How That Works // Edl Schamiloglu, The Conversation: A National Academies report sheds some light on the mysterious ailments that have afflicted U.S. personnel in several countries for several years.

Train Troops to Use Social Media More Effectively // Madison Sargeant: It’s a tool, like any other. We may as well know how to use it.

The Pentagon Is Ill-Organized to Improve Its Use of Electromagnetic Spectrum, GAO Says // Patrick Tucker: Old ways and means are quickly becoming obsolete — but spectrum issues remain everyone’s second job.

This Is Only Going to Get Worse // The COVID Tracking Project, The Atlantic: The United States is entering a long, dark period, and the pandemic is already breaking records from the spring.

Welcome to this Monday edition of The D Brief from Ben Watson with Bradley Peniston. Send us tips from your community right here. And if you’re not already subscribed to The D Brief, you can do that here


The COVID vaccine has arrived in New York, and the first vaccinations are expected to take place later today — the same day the U.S. is set to pass 300,000 deaths, the New York Times reports.
In context Here's AP, on the historical significance of this week's developments: "The rollout of the Pfizer vaccine, the first to be approved by the Food and Drug Administration, ushers in the biggest vaccination effort in U.S. history — one that health officials hope the American public will embrace, even as some have voiced initial skepticism or worry. Shots are expected to be given to health care workers and nursing home residents beginning Monday.” More, here.
WH reversal: The White House planned to vaccinate staffers with the first tranche of shots, even sending a spokesperson for the National Security Council to defend the decision in a media appearance on Sunday. Hours later, President Trump tweeted that he would delay some of those vaccinations. More to all that, here.
Idaho’s Republican governor just added 150 National Guard troops to the 100 he already requested to help with Covid-19 testing, decontamination and screening. AP has more from Boise, here.

The Senate passed its annual defense authorization bill, which POTUS45 says he wants to veto for two reasons — it will change the name of bases bearing Confederate officer names, and it does not include a measure restricting social media companies in a way Trump wants. But the bill passed on Friday with a veto-proof majority, 84-13.
On Sunday, Trump offered a third reason he will veto the $741 billion bill: “The biggest winner of our new defense bill is China! I will veto!” Trump tweeted. However, Politico reported Friday, “Congressional leaders have telegraphed that they’ll likely be able to muster enough votes to overturn Trump’s veto, though some Republicans could side with Trump on an override vote.” More here

The Electoral College votes today to confirm President-elect Joe Biden’s victory over President Donald Trump. Today’s voting is a procedural move that, in an ordinary election year, most Americans wouldn’t pay much attention to; but this year, thanks to what the New York Times calls “the president’s theater of grievance and denial,” these procedural formalities take on heightened importance.
In Michigan, “credible threats of violence” have prompted officials to close state Senate and House offices while the state’s electors vote today, the Washington Post reported Sunday evening.
Trump’s recently Covid-infected lawyer Rudy Giuliani says he has “four or five” more lawsuits planned this week at the state level. Giuliani was speaking to Newsmax after the Supreme Court on Friday rejected Texas and Trump’s unprecedented GOP-backed request to overturn the election by tossing out some 20 million votes in four other states.
The big problem with Texas’s request, according to the short decision (PDF) released Friday by SCOTUS: The state had no legal standing. Or, as the decision reads, “Texas has not demonstrated a judicially cognizable interest in the manner in which another State conducts its elections.” Read more on the decision from the Wall Street Journal, here.
What happens now to the reputations of folks like House Republican Leader Kevin McCarthy, Minority Whip Steve Scalise of Louisiana, Rep. Rob Wittman of Virginia, and the 123 other House GOPers who signed on to the Texas lawsuit in a letter made public last week? Here’s Politico reporting Friday on why Republican senators are treating the Texas suit very differently from their House colleagues. 

Lastly: President-elect Biden plans to address the nation this evening. His remarks will, in part, include a message for defiant Republicans in the hopes that they will “accept Trump’s defeat and focus their attention on fighting the coronavirus pandemic and staving off economic tumult,” AP reports in a preview.

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.