An alarming development in the massive cyberattack on American government systems: Sources tell Politico that the agencies that maintain America's nuclear weapons stockpile were compromised in the attack, which is strongly suspected to have been carried out by Russia. The sources say they have found evidence that hackers accessed the networks of the Energy Department and the National Nuclear Security Administration (NNSA). The worst damage was done at the Federal Energy Regulatory Commission (FERC), where there is evidence of "highly malicious activity," the officials say. The hackers are believed to have accessed systems from March onwards by compromising a SolarWinds software patch. More:
- Department says critical defense systems not hit. Energy Department spokeswoman Shaylyn Hynes confirmed that the department had been hit by the attack but denied parts of the Politico report. "At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration," Hynes said in a statement. Hynes said that when vulnerable software was identified, "immediate action was taken to mitigate the risk."
- What Politico details: In addition to FERC, it reports the DOE and NNSA have uncovered evidence of hacking in the networks used by the Sandia and Los Alamos national labs and the Office of Secure Transportation at NNSA. Politico explains: "NNSA is responsible for managing the nation's nuclear weapons, and while it gets the least attention, it takes up the vast majority of DOE's budget." Enriched uranium is moved by the Office of Secure Transportation, and the labs handle atomic research tied to both nuclear power and nuclear weapons.
- "Grave threat" to critical infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA) warned that the attack poses a "grave threat" to "critical infrastructure," Deutsche Welle reports. The agency said the damage will be very difficult to undo. CISA didn't specify what the critical infrastructure is, but the AP offers this: "Homeland Security, the agency's parent department, defines such infrastructure as any 'vital' assets to the US or its economy, a broad category that could include power plants and financial institutions."
- Private sector was also hit. "It’s still early days, but we have already identified 40 victims—more than anyone else has stated so far—and believe that number should rise substantially," Microsoft president Brad Smith tells the New York Times. "There are more nongovernmental victims than there are governmental victims, with a big focus on IT companies, especially in the security industry." Microsoft says a "heat map" of the attack shows that 80% of victims are in the US, with others in countries including the UK, Mexico, and Spain—but none in Russia.
- Biden speaks out. President-elect Joe Biden vowed Thursday that he would make dealing with the attack a top priority from the moment he takes office, the BBC reports. "We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place," he said. "We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners." President Trump has not commented publicly on the attacks.
- "Worst hacking case in US history." A government official speaking to the AP on condition of anonymity says the administration isn't ready to publicly blame Russia for the cyberattack. "This is looking like it’s the worst hacking case in the history of America," the official says. "They got into everything." Experts believe the attackers focused on espionage, not sabotage, and were incredibly successful.
- Romney: "Stunning" for White House not to respond. Republican Sen. Mitt Romney said Thursday that the silence and apparent lack of action from the White House was "inexcusable," the Hill reports. "I think the White House needs to say something aggressive about what happened," he said. "This is almost as if you had a Russian bomber flying undetected over the country, including over the nation's capital, and not to respond in a setting like that is really stunning."