Hackers breach US government departments; world questions US' cybersecurity

The United States government has suffered a major hack last night in which12 federal agencies and 18,000 users have been compromised.

However, the breach is far more serious than what many had imagined as the US nuclearweapons agency was hacked too.

The American Energy Department and the American national nuclear security administration were hit by a cyber attack. The significance of these two being hit is thatthese agencies maintain America's nuclear stockpile.

Add WION as a Preferred Source

The US Energy Department has issued a statement claimingthe hack didn't affect "mission-essential national security functions." This meansthat America's nukes are safe, but it also underlines the fact that they are alsovulnerable and this cyber attack is proof.

Have a look|SolarWinds compromised: How hackers attacked software used by US government departments

It has hit the highest offices and departments in America such as the USState Department, the department of homeland security, the Pentagon and now the US Nuclear Weapons Agency.

Hackers targeted the highest levels of American government; they were all compromised.

American investigators are blaming Russia for the hack butthe bigger question that arises here is howdid the hackers break the American government firewalls?

The hackers made move way back in March whichwent on for months. They broke into Solarwinds which is a Texas-based ITmanagement company. It serves several government agencies and many private companies that are on the Fortune 500 list. Microsoft, too, was targetted in this breach and some of its products were reportedly used to attack the victims.

How did the hackers get in?

The hackerscorrupted the code of the SolarWinds software. So, when the company sent software updates to government systems — similar to ones people receive on phones and computers. As a result, 18,000 people downloaded a corrupted update and theupdate exposed their systems.

Microsoft's breach had a similar pattern. It has identified 40 victims which includes government agencies, companies and think tanks. Nearly half of them are private technology companies.

"This latest cyber-assault is effectively an attack on the united states and its government and other critical institutions, including security firms,"Microsoft said in a statement.

American investigators say the hackers had access to government emails and systems for months. It is still not clear how many emails or other systems they accessed.

American has for long self-patted their backs and claimed to be the world leader in technology. However, this breach has come as an embarrassment for America as the superpower seems to have failed to protect its own digital infrastructure and the top levels of its government.

It not only failed to prevent the attack, but it also failed to detect the attack as the cyberattack was not discovered by government officials, but by a private firm calledFireEye. This is a private cybersecurity firm which was the first to raise the red flag because this company too was breached.

A report describes FireEye as the "First call for government agencies and companies around the world" when they fear they have been attacked. This time, however, FireEyeitself was breached.

With this was the level of sophistication, the goal of the hackers seems to have been espionage.

The United States hasn't officially blamed Russia yet but investigators have found Russian fingerprints all over this breach. Moscow, however, asalways is rejecting the charge.

Cyber tools that have never been seen before were used in this attack which raisesconcerns about the extent and the depth of this hacking because if they were able to go undetected for months, they could have potentially used their access to shut down systems, corrupt or even destroy data.