The 2020 USA Data Breach: A Memorable Year

Early in 2020, we experienced an earth-shattering event that would alter the course of our lives and reshape lifestyles and economies around the globe: the COVID-19 pandemic. The USA, a global superpower, was no stranger to the deadly and contagious coronavirus that spread from China, and it certainly was not immune to it, ending the year as the country with the most reported infections worldwide.

The irony lies in how vulnerable to infections the USA has become.

In 2020, the USA was not only infected by a virus on a grand human scale; it was also infected by malware on a massive technological scale. The most memorable cyber attack in US history was committed by Russian hackers who infiltrated our government, carried out cyber espionage, and caused the largest data breach the country has seen.

When Russia cyber-attacked the USA

Russian hackers, or shall I say malicious actors backed by the Russian government, compromised network monitoring software made by SolarWinds (its Orion platform), which is used by large enterprises and federal US agencies alike. The malicious actors made their plan a reality by planting a backdoor in a software update for those network management tools, an update that SolarWinds estimated up to 18,000 customers downloaded. Because the trojanized update was signed with SolarWinds' own legitimate code-signing certificate, it passed the integrity checks customers normally rely on. Via the backdoor, the malicious actors gained a foothold from which they could steal, modify, and destroy data on the networks of those customers.

Multiple U.S. agencies were hit. The Pentagon, intelligence agencies, the Treasury and Commerce Departments, and nuclear labs all used the compromised SolarWinds software, as did Fortune 500 companies.

Assessing the Damages

It is going to take time for investigators to assess the damage. The damages are still being assessed, and we do not yet know the full severity of the malware "cancer" or how far it has truly spread. One reason is that not everyone who installed the malicious update received follow-on attacks: the backdoor gave the attackers access to every affected network, but they only chose to exploit that access on a small number of high-value targets.

If we are going to understand the nuances of the SolarWinds case better, we need to define a scale. Since what matters most in a hack is its spread and severity, the cancer staging system is a good model to adapt, because it tracks the spread and severity of cancer in five stages. We can do the same with hacks.

Stage 0: The attackers have found or made an entry point to a system or the network but have not yet used it.

Stage I: Attackers have control of a system but have not moved beyond that system to the broader network.

Stage II: Attackers have moved to the broader network but are in "read-only" mode, meaning they can read and steal data but not alter it.

Stage III: Attackers have moved to the broader network and have "write" access, meaning they can alter data as well as read and steal it.

Stage IV: Attackers have administrative control of the broader network, meaning they can create accounts and new means of entry to the network in addition to altering, reading, and stealing data.

The Unknown Unknowns

Damage control is critical, and we can only hope the damage turns out to be less than feared. It is distressing that Russia gained the ability to retrieve sensitive information about the US government, potentially including information about our nuclear weapons. Although the Russian malicious actors are known to have had control of SolarWinds' update system no later than October 2019, many unknowns remain, and we cannot rule out that the compromise of SolarWinds, and of its customers' networks, began earlier than that. Thanks to FireEye's investigation, the compromise finally came to light.

In a realm filled with possibilities, the worst that is yet to come may no longer be much of a surprise going forward.

Murphy's Law: Anything that can go wrong, will go wrong.

The most damaging hack of all time in US history

While the full damage of the data breach may remain unknown for months, one thing is certain: Russia committed cyber espionage, in perhaps the most damaging hack of all time in US history. From healthcare to technology, the USA has plenty to patch and a lot to recover from in 2021.

2020, like 20/20 vision, made us see things we never thought we would see in our lifetime as Americans. What a memorable year!

Cybersecurity startup boy and editor for Secjuice. I write about crypto, infosec, productivity, and more.