What happens if hackers are inside the Pentagon’s networks?
WASHINGTON — If Russian hackers suspected of a vast cybersecurity breach slipped into the Pentagon or military’s computer systems, the strength of protective network blockades is key to keeping them from burrowing in to try to access increasing amounts of information.
Those protections — in the form of secure network connections — have to stand up to meddling to keep hackers from hopping from network to network to potentially reach sensitive communications or even weapon systems, where they could steal or alter data or cause damage, experts say. However, observers point out that this breach appears so far to be a classic espionage campaign, though with some of the most sophisticated methods seen yet.
“We certainly have a high degree of activity around that right now,” Navy CIO Aaron Weis told C4ISRNET. “We have teams who have acted upon the direct orders from Cyber Command and have executed those things. We continue to engage around that. There are internal meetings that are ongoing where we’re ensuring that we’ve put the right things in place. Absolutely it’s got our full attention.”
Overall, the Pentagon has been largely silent about the breach publicly as it works through the long process to assess fallout from the intrusion, saying early on that no breach had been detected yet, despite media reports that said the agency was among government offices compromised through widely used software from SolarWinds, a network management company.
President-elect Joe Biden has criticized the Pentagon for not briefing him and his transition team fully, challenging President Donald Trump’s assertion that the situation is under control. The Pentagon disputed the idea that it is withholding information from Biden, saying briefings will continue in early January after a break over the holidays.
According to cybersecurity company FireEye, which uncovered the breach, the access that hackers achieved has allowed the malicious actor to move further into computer networks.
Several former government cybersecurity officials told C4ISRNET that lateral movement allowing the suspected Russian hackers to dig deeper posed a worst-case scenario with a myriad of…
