The Ministry of Defence in Whitehall has ordered an urgent assessment to check the extent to which British systems have been compromised, after it emerged this week that sophisticated hackers have had access to the American government’s top secrets for months. The finger of blame has been pointed at Russia.
Initial analysis suggests the hackers gained access via the cybersecurity company SolarWinds, whose software is used by numerous US government agencies. When SolarWinds was compromised, hackers implanted a backdoor into a software update which was then downloaded by US departments as well as a plethora of private companies, allowing the hackers to access their systems.
A second cybersecurity firm, FireEye, was the subject of a similar hack, although its products are used by fewer official government networks. Robert Fox reported for Reaction on this on Wednesday.
Now, however, there are fears that the hack went much further than SolarWinds, and is much more serious than previously thought. In a statement, the cybersecurity division in the Department of Homeland Security, CISA, has warned that the breach came as a result of several lines of attack. “CISA has evidence of additional initial access vectors, other than the SolarWinds platform; however, these are still being investigated,” the statement said.
The sheer scale of the breach looks remarkable and incredibly dangerous. For six to nine months, suspected Russian hackers may have had access to truckloads of the American federal government’s most sensitive data, with everything from the coding of the coronavirus vaccine to next-generation military equipment potentially siphoned off to Moscow.
Recent reports suggest the hackers may even have breached the US Energy Department and the National Nuclear Security Administration, two agencies which between them handle the nuclear stockpile of the United States. This would, if proven, be the biggest compromise of the US national security enterprise in history.
But perhaps more worrying is the fact that the US government still has very little knowledge of the extent of the damage. Federal investigators have been combing through government networks in recent days to determine what the hackers accessed or stole, but this is a process which will take time. Washington’s biggest fear will be that, while investigations are ongoing, American adversaries might seek to use the information they have obtained to destabilise the country ahead of a fragile period.
For this reason, national security experts have been aghast at the lack of a direct response from the White House.
In a column in the New York Times, Thomas Bossert, Trump’s former homeland security adviser, says: “At the worst possible time, when the US government is at its most vulnerable – during a presidential transition and a devastating public health crisis – the networks of the federal government… are compromised by a foreign nation. We need to understand the scale and significance of what is happening.”
Bossert adds: “While the Russians did not have the time to gain complete control over every network they hacked, they most certainly did gain it over hundreds of them. It will take years to know for certain which networks the Russians control and which ones they just occupy. The logical conclusion is that we must act as if the Russian government has control of all the networks it has penetrated.”
He says it is unclear what the Russians intend to do next. Bossert warns that the access the Russians now enjoy could be used for far more than simply spying.
“The US military and intelligence community must be placed on increased alert; all elements of national power must be placed on the table. While we must reserve our right to unilateral self-defence, allies must be rallied to the cause. The importance of coalitions will be especially important to punishing Russia and navigating this crisis without uncontrolled escalation.”
At first glance, it may sound as though Bossert is being alarmist, but his recent positions in government stand him in good stead to understand the sheer scale of the damage that could be done. Cyber attacks are difficult for governments and the media to grasp – they happen in the dark and the details are pieced together gradually – but this remarkable story may quickly come to dominate the news agenda.
The most powerful government in the world has likely just suffered its most significant security breach from an external power since the Cold War, if not before. It is worth noting that, since investigations are ongoing, this hack is still very much active.