On Election Day, General Paul M. Nakasone, the nation’s top cyberwarrior, reported that the battle against Russian interference in the presidential campaign had posted major successes and exposed the other side’s online weapons, tools and tradecraft.
“We’ve broadened our operations and feel very good where we’re at right now,” he told journalists.
Eight weeks later, General Nakasone and other American officials responsible for cybersecurity are now consumed by what they missed for at least nine months: a hacking, now believed to have affected upward of 250 federal agencies and businesses, that Russia aimed not at the election system but at the rest of the United States government and many large American corporations.
Three weeks after the intrusion came to light, American officials are still trying to understand whether what the Russians pulled off was simply an espionage operation inside the systems of the American bureaucracy or something more sinister, inserting “backdoor” access into government agencies, major corporations, the electric grid and laboratories developing and transporting new generations of nuclear weapons.
At a minimum it has set off alarms about the vulnerability of government and private sector networks in the United States to attack and raised questions about how and why the nation’s cyberdefenses failed so spectacularly.
Those questions have taken on particular urgency given that the breach was not detected by any of the government agencies that share responsibility for cyberdefense — the military’s Cyber Command and the National Security Agency, both of which are run by General Nakasone, and the Department of Homeland Security — but by a private cybersecurity company, FireEye.
“This is looking much, much worse than I first feared,” said Senator Mark Warner, Democrat of Virginia and the ranking member of the Senate Intelligence Committee. “The size of it keeps expanding. It’s clear the United States government missed it.”
“And if FireEye had not come forward,” he added, “I’m not sure we would be fully aware of it to this day.”
Interviews with key players investigating what intelligence agencies believe to be an operation by Russia’s S.V.R. intelligence service revealed these points:
