London Daily

Focus on the big picture.
Monday, Sep 15, 2025

Suspected Russian hack is much worse than first feared: Here's what you need to know

Suspected Russian hack is much worse than first feared: Here's what you need to know

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.

The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat “poses a grave risk to the federal government.”

It added that “state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations” are also at risk.

CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.

“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” CISA said. “Removing the threat actor from compromised environments will be highly complex and challenging.”

Russia accused


CISA has not said who it thinks is the “advanced persistent threat actor” behind the “significant and ongoing” campaign, but many experts are pointing to Russia.

“The magnitude of this ongoing attack is hard to overstate,” former Trump Homeland Security Advisor Thomas Bossert said in a piece for The New York Times on Thursday. “The Russians have had access to a considerable number of important and sensitive networks for six to nine months.”

Russian presidential spokesman Dmitry Peskov rejected the accusations, according to the Tass news agency.

“Even if it is true there have been some attacks over many months and the Americans managed to do nothing about them, possibly it is wrong to groundlessly blame Russians right away,” he told Tass. “We have nothing to do with this.”

The Russian Embassy in London did not immediately respond to CNBC’s request for comment.

The FBI said Wednesday it is “investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors.”

At this stage, it’s not clear what the hackers have done beyond accessing top-secret government networks and monitoring data.

Hackers also accessed systems at the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, according to the Politico news site, citing officials familiar with the matter.

SolarWinds backdoor


CISA said those behind the attack used network management software made by SolarWinds, a Texas-headquartered IT firm, to breach the government networks.

As many as 18,000 SolarWinds Orion customers downloaded a software update that contained a backdoor, which the hackers used to gain access to the networks.


CISA issued an “emergency directive” this week instructing federal civilian agencies to “immediately disconnect or power down affected SolarWinds Orion products from their network.”

But the perpetrators may have used other means to access the networks. CISA said Thursday is investigating “evidence of additional access vectors, other than the SolarWinds Orion platform.”

Microsoft customers targeted


Microsoft was hacked in connection with the attack on SolarWinds’ widely used management software, Reuters reported Thursday.

Like with the cyberattack of SolarWinds, hackers infiltrated Microsoft products and then went after others, Reuters said, citing people familiar with the matter.

“We have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data,” a Microsoft spokesperson said in a statement shared with CNBC.

“Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others,” they added.

Microsoft said that more than 40 client organizations were compromised in the attack.

“While roughly 80% of these customers are located in the United States, this work so far has also identified victims in seven additional countries,” Microsoft President Brad Smith said in a blog.

“This includes Canada and Mexico in North America; Belgium, Spain and the United Kingdom in Europe; and Israel and the UAE in the Middle East. It’s certain that the number and location of victims will keep growing.”

Smith added that “this is not espionage as usual” and “while governments have spied on each other for centuries, the recent attackers used a technique that has put at risk the technology supply chain for the broader economy.”


U.S. President-elect Joe Biden pledged Thursday to make cybersecurity a key area of focus for his administration.

“A good defense isn’t enough; We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” Biden said in a statement issued by his transition team.

“We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as President, I will not stand idly by in the face of cyber assaults on our nation.”

President Donald Trump, who has been silent about the hacking, threatened on Thursday to veto the National Defense Authorization Act, which includes money to help prevent such cyberattacks.

Newsletter

Related Articles

0:00
0:00
Close
London Daily Podcast: London Massive Pro Democracy Rally, Musk Support, UK Economic Data and Premier League Results Mark Eventful Weekend
This Week in AI: Meta’s Superintelligence Push, xAI’s Ten Billion-Dollar Raise, Genesis AI’s Robotics Ambitions, Microsoft Restructuring, Amazon’s Million-Robot Milestone, and Google’s AlphaGenome Update
Le Pen Tightens the Pressure on Macron as France Edges Toward Political Breakdown
Musk calls for new UK government at huge pro-democracy rally in London, but Britons have been brainwashed to obey instead of fighting for their human rights
Elon Musk responds to post calling for the murder of Erika Kirk, widow of Charlie Kirk: 'Either we fight back or they will kill us'
Czech Republic signs €1.34 billion contract for Leopard 2A8 main battle tanks with delivery from 2028
USA: Office Depot Employees Refused to Print Poster in Memory of Charlie Kirk – and Were Fired
Proposed U.S. Bill Would Allow Civil Suits Against Judges Who Release Repeat Violent Offenders
Penske Media Sues Google Over “AI Overviews,” Claiming It Uses Journalism Without Consent and Destroys Traffic
Indian Student Engineers Propose “Project REBIRTH” to Protect Aircraft from Crashes Using AI, Airbags and Smart Materials
French Debt Downgrade Piles Pressure on Macron’s New Prime Minister
US and UK Near Tech, Nuclear and Whisky Deals Ahead of Trump Trip
One in Three Europeans Now Uses TikTok, According to the Chinese Tech Giant
Could AI Nursing Robots Help Healthcare Staffing Shortages?
NATO Deploys ‘Eastern Sentry’ After Russian Drones Violate Polish Airspace
Anesthesiologist Left Operation Mid-Surgery to Have Sex with Nurse
Tens of Thousands of Young Chinese Get Up Every Morning and Go to Work Where They Do Nothing
The New Life of Novak Djokovic
The German Owner of Politico Mathias Döpfner Eyes Further U.S. Media Expansion After Axel Springer Restructuring
Suspect Arrested: Utah Man in Custody for Charlie Kirk’s Fatal Shooting
In a politically motivated trial: Bolsonaro Sentenced to 27 Years for Plotting Coup After 2022 Defeat
German police raid AfD lawmaker’s offices in inquiry over Chinese payments
Turkish authorities seize leading broadcaster amid fraud and tax investigation
Volkswagen launches aggressive strategy to fend off Chinese challenge in Europe’s EV market
ChatGPT CEO signals policy to alert authorities over suicidal youth after teen’s death
The British legal mafia hit back: Banksy mural of judge beating protester is scrubbed from London court
Surpassing Musk: Larry Ellison becomes the richest man in the world
Embarrassment for Starmer: He fired the ambassador photographed on Epstein’s 'pedophile island'
Manhunt after 'skilled sniper' shot Charlie Kirk. Footage: Suspect running on rooftop during panic
Effective Protest Results: Nepal’s Prime Minister Resigns as Youth-Led Unrest Shakes the Nation
Qatari prime minister says Netanyahu ‘killed any hope’ for Israeli hostages
King Charles and Prince Harry Share First In-Person Moment in 19 Months
Starmer Establishes Economic ‘Budget Board’ to Centralise Policy and Rebuild Business Trust
France Erupts in Mass ‘Block Everything’ Protests on New PM’s First Day
Poland Shoots Down Russian Drones in Airspace Violation During Ukraine Attack
Brazilian police say ex-President Bolsonaro had planned to flee to Argentina seeking asylum
Trinidad Leader Applauds U.S. Naval Strike and Advocates Forceful Action Against Traffickers
Kim Jong Un Oversees Final Test of New High-Thrust Solid-Fuel Rocket Engine
Apple Introduces Ultra-Thin iPhone Air, Enhanced 17 Series and New Health-Focused Wearables
Macron Appoints Sébastien Lecornu as Prime Minister Amid Budget Crisis and Political Turmoil
Supreme Court temporarily allows Trump to pause billions in foreign aid
Charlie Sheen says his father, Martin Sheen, turned him in to the police: 'The greatest betrayal possible'
Vatican hosts first Catholic LGBTQ pilgrimage
Apple Unveils iPhone 17 Series, iPhone Air, Apple Watch 11 and More at 'Awe Dropping' Event
Pig Heads Left Outside Multiple Paris Mosques in Outrage-Inducing Acts
Nvidia’s ‘Wow’ Factor Is Fading. The AI chip giant used to beat Wall Street expectations for earnings by a substantial margin. That trajectory is coming down to earth.
France joins Eurozone’s ‘periphery’ as turmoil deepens, say investors
On the Anniversary of Queen Elizabeth’s Death: Prince Harry Returns to Britain
France Faces New Political Crisis, again, as Prime Minister Bayrou Pushed Out
Murdoch Family Finalises $3.3 Billion Succession Pact, Ensuring Eldest Son’s Leadership
×