Hackers working for Russian intelligence gained access to government computers and hundreds of private companies by exploiting a software platform called SolarWinds. The hackers reportedly hijacked a routine software update to infect every computer that received the update.
The total extent of what the Russian hackers were able to gleam from the record-breaking intrusion still isn't known, but the Associated Press reports that the hackers did gain access to one very high profile target.
Former Department of Homeland Security Chad Wolf had his email hacked.
Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press has learned.
The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is not publicly known, but the symbolism is stark. [...]
Wolf and other top Homeland Security officials used new phones that had been wiped clean along with the popular encrypted messaging system Signal to communicate in the days after the hack, current and former officials said.
I suppose there's nothing funny about this, but I still couldn't help but laugh when I read that cybersecurity staff also had their accounts compromised. Who is watching the watchers?
I also couldn't help but think of the four-year-long campaign to flog former Secretary of State Hillary Clinton's private email server. A private email server that was never compromised by Russian hackers. Emails exchanged by Clinton and her staff that were leaked to the public were stolen from State Department servers, not hers.
It's a really big deal that the director of Homeland Security was walking around with a compromised phone. The agency and its director has jurisdiction over most of our domestic security apparatus and access to classified information, among other things. Hacking the director of DHS is a more immediate threat to security than hacking the secretary of state would be.
The Biden administration is reportedly planning to retaliate for the SolarWinds hack, but it's not clear how yet.