The hackers have been able to do more damage at FERC than the other agencies, and officials there have evidence of highly malicious activity, the officials said, but did not elaborate.
The officials said that the Cybersecurity and Infrastructure Security Agency, which has been helping to manage the federal response to the broad hacking campaign, indicated to FERC this week that CISA was overwhelmed and might not be able to allocate the necessary resources to respond. DOE will therefore be allocating extra resources to FERC to help investigate the hack, even though FERC is a semi-autonomous agency, the officials said.
Several top officials from CISA, including its former director Christopher Krebs, have either been pushed out by the Trump administration or resigned in recent weeks.
"Federal investigators have been combing through networks in recent days to determine what hackers had been able to access and/or steal, and officials at DOE still don’t know whether the attackers were able to access anything, the people said, noting that the investigation is ongoing and they may not know the full extent of the damage “for weeks.”
Shaylyn Hynes, a DOE spokesperson, said that an ongoing investigation into the hack has found that the perpetrators did not get into critical defense systems.
"At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration," Hynes said in a statement. "
-------------------------------------------------
So basically 90% of Sandia and Los Alamos have been compromised? Ok that was a bit of exaggeration but 50% if more of the labs is this weird overhead stuff that does nothing from anyone can tell. Maybe an upside is that it will be seen that much of the excess non technical junk at the labs will be trimmed since it will be seen as a vulnerability. I have been in this system for some time and since the since the late 80s and 90s there has been an explosion of "businesses" "massive site offices", "HR" "Diversity", "procurement, "bizarre job titles" "outreach", and just endless weird jobs that no one understands. Just a massive bloat of crap to dissipate money.
So that point is that all this extra stuff is what was vulnerable to attack. Who what of thought of that? Oh yea like very computer vulnerability person at the labs but they just get in the way.
Comments
I agree with your assessment. The problem is someone needs to take the blame in the US and right now a huge number of compromised agencies and their high level personal are scared as hell. The priority now is all about covering yourself and not taking blame. The next step will be to address the actual problem and after that we can talk about some responses that will send a clear message to the Russians or whoever. I fear that it may never get that far since as I said from what I am hearing everyone is circling the wagons to make sure they do not take any responsibility for this and that is why no is saying anything real.
I was listening to the news today and they mentioned that the nuclear weapons labs had lots of past problems with security. This could end up in another lab breakdown.
If you "agree" that this is a national emergency, why are you focused in whom to blame? Was that the correct response after Pearl Harbor? Why now? Just today's politics, where "national emergency" means no one dies and nobody is inconvenienced that you know. What drivel.