Like the, it came from overseas, arriving, initially, unnoticed. When it was finally, belatedly discovered, the outrage (for a few days at least) was epic.
"This is nothing short of a virtual invasion by the Russians into critical accounts of our federal government," said Democratic Senator Dick Durbin.
Republican Senator Mitt Romney called it "an extraordinary invasion of our cyberspace."
The Russians, it's believed, hacked into the software of a company called SolarWinds, causing them to push out malicious updates – call it a "cyber virus" –. Almost a cyber pandemic.
As former Bush Administration official Theresa Payton told Fox News, "This vulnerability allowed these nefarious cyber operatives to actually create what we refer to in the industry as 'God access' or a 'God door,' giving them basically any rights to do anything they want to in stealth mode."
Like its medical counterpart, a cyber virus spreads through bad hygiene. Former Director of National Intelligence James Clapper called the security breach "a huge intelligence failure."
Democratic Rep. Jason Crow called the hack "breathtaking," and referred to it as "our modern-day 'Cyber Pearl Harbor.'"
So, which is it? Pearl Harbor, which drew the United States into World War II? Or just a massive espionage operation, similar to those conducted by the United States around the world?
With nothing much to see, media coverage faded. But the experts remain seriously concerned.
"This is not just about an espionage attack," said Richard Clarke. "This is about something called preparation of the battlefield, where they're now able, in a time of crisis, to eat the software in thousands of U.S. companies."
More than 20 years ago, Clarke was the nation's first cyber czar, working initially in the Clinton White House and then under George W. Bush. These days, Clarke is chairman of Good Harbor, a cybersecurity consulting company.
"Sunday Morning" senior correspondent Ted Koppel asked Clarke, "When you hear people talk about this as being purely an intelligence operation, you accept that?"
"No, I don't," he replied. "Now, what the Russians have known is they've suddenly gotten into thousands of American sites and placed additional backdoors in once they got in. So, even if we discover a backdoor that they have placed in a critical network, they've probably placed five or six, and we'll never find them all.
"That means they are in the position, in the crisis, to walk right into lots of important American networks, both government and private sector, and then to wipe out the software on them, to shut the network down," Clarke said.
"We are now in a moment of history where there is a constant, escalating, short-of-war cyber-conflict underway every single day," said David Sanger, national security correspondent for The New York Times.
Cyber warfare is, to borrow the title of his book and the HBO documentary based on that book, "The Perfect Weapon." In the documentary, cyber is described as a "most inexpensive, highly-destructive, highly-deniable weapon."
Koppel asked, "Is there a really visible line between cyber intelligence and cyber warfare?"
"Yes, I think there is," Sanger replied. "If I went into your computer system, Ted, just to read your email, that's pure espionage. But what people discovered over time, was that the same computer code that enabled you to break into somebody's system would also enable you to manipulate that system.
"So, once you were inside, if you had the right access, you could do all kinds of things. If the network was connected to an electric power grid, to a gas pipeline, to a water distribution system, to a nuclear centrifuge plant, you might be able to manipulate the data and cause havoc in those systems. And that's much more than mere espionage."
These days Keith alexander is CEO of the IronNet Cybersecurity company; but when he retired as a four-star Army general, Alexander ran the National Security Agency, where he used to direct intelligence operations against America's adversaries.
Koppel wondered what Alexander thought the Russians are doing: "Isn't it reasonable in a situation like this to assume the worst? That they were planting, in effect, cyber landmines which can be activated at some future point?"
"I think the real objective is to gain information: what Treasury's thinking, what Commerce is thinking, what Homeland Security's thinking, what State Department does," Alexander said. "They want insights to what's going on in our country."
"You still haven't responded directly to my suggestion that it could also include cyber landmines which could be activated later on," Koppel said.
"Well, that's a good point," Alexander replied. "Having said that, there has been no insights yet as to them actually setting landmines as much as gathering information. So, I would say this: think of this as the recon phase. They would set up those backdoors so that they have a way of getting in and out. And then if they had that, you don't necessarily have to set up the landmines at that time; you would probably keep your information on those networks down low so that it's not detectable, and just have the backdoor capability to get in, and then do something when the need arises."
Clarke said, "What has occurred is, again, preparation of the battlefield. There's not been a lot of damage because of SolarWinds. Maybe some information was stolen, but nothing has been damaged yet."
"Yet!" said Koppel. "But if I didn't misunderstand what you said before, the Russians are really no more than a few keystrokes away from implementing exactly that kind of damage on, as you put it, thousands of American firms."
"That's right. And we do not have plans or capability today to quickly come back after that kind of devastating attack," Clarke said. "The kind of things that we need to do now, we could have done 20 years ago. Twenty years ago, however, there wasn't a real understanding in the Congress or in the White House. There wasn't a willingness to spend the kind of resources. People were worried about privacy concerns and 'Big Brother' controls. They didn't trust the government to defend them against this sort of thing."
"And here we are, with trust in government at probably a lower ebb than it's ever been," said Koppel. "And you think that's gonna change?"
"Neither government nor the private sector can defend our networks alone; they have to work together," said Clarke.
Alexander added, "And we need to unite the country. Put the politics aside and say, 'What's the right thing for this nation?'"
Koppel said, "When you listen to some of the chest-beating that is going on in certain circles about taking retaliatory action against the Russians – just give me your thoughts on that."
"We don't want to create a deeper cyber war in cyberspace," Alexander said. "But we need to send a message. Now, that can be done outside of cyber – diplomatically, politically, economically. It can be done in cyber. It can be done overtly or covertly. Because imagine if we did attack, and then they attack back. Who has more to lose? We do."
Koppel asked David Sanger, "Who is able to sustain the pain of a cyberattack more effectively – we or our enemies?"
"Probably our enemies," he replied. "One of the other strange things about cyber is that the advantage goes to the least-networked society attacking the most-networked society. And we are clearly, Ted, the most-networked society."
"So, here we are in this extraordinary position," Koppel said, "of being arguably the most-technologically-advanced country in the world; probably the best at cyber technology in the world and simultaneously, if not the most vulnerable, among the most vulnerable in the world."
"That's absolutely right," Sanger replied. "As one of the leading thinkers inside cyber command says, Michael Sulmeyer: 'We live in the glassiest of the glass houses,' right? So, while we may have the biggest weapons, we're nothing but picture windows.
"And it's really easy to throw a rock through one."
For more info:
- Richard Clarke, Good Harbor
- "The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats" by Richard A. Clarke and Robert K. Knake (Penguin Press), in Hardcover, Trade Paperback, eBook and Audio formats, available via Amazon and Indiebound
- David E. Sanger, The New York Times
- "The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age" by David Sanger (Crown), in Trade Paperback, eBook and Audio formats, available via Amazon and Indiebound
- Keith Alexander, IronNet Cybersecurity
Story produced by Deirdre Cohen. Editor: Remington Korper.