U.S. officials and cybersecurity experts are calling it perhaps the most extensive and costly “cyberattack” in modern history.
Revelations have come to light that in mid-December numerous U.S. government agencies and some of the world’s largest corporations discovered they had been hacked over the course of several preceding months.
U.S. officials were quick to blame Russia — and also China — as the culprits behind the attack.
It appears those behind the breach exploited a weakness in information technology (IT) systems management software developed by a company called SolarWinds. IT is the use of computers to store, transmit or manipulate data, typically within business or government operations.
Dozens of U.S. departments and agencies use SolarWinds software. In addition to doing business with the U.S. government — including all five branches of the military — SW’s clients include 425 of the Fortune 500 companies, all of the largest U.S. telecommunications companies, the British government and NATO. (forbes.com, Dec. 14, 2020)
The hackers injected destructive malware into updates released by SolarWinds between March and June 2020. In this way, whoever perpetrated the attack gained access, at the very least, to email communications between top officials from numerous U.S. government agencies. It is likely they got access to government databases, customer information and potentially much more.
More than 18,000 companies and government agencies are known to have been affected by the hack, and as many as 33,000 may ultimately have been impacted. Given the broad nature of the breach, estimates place the price tag to repair the damage in the tens, if not hundreds, of billions of dollars.
The list of U.S. government agencies and corporations impacted is extensive, and includes the Treasury Department, Commerce Department, Los Alamos National Laboratory, the Department of Homeland Security and Microsoft.
SolarWinds is valued at over $6 billion, and selling software to the U.S. government is a lucrative business for the company, with licensing contracts alone mounting up to millions of dollars. In August 2020, SolarWinds renewed a contract with the U.S. Department of Veteran Affairs that included licenses for the software involved in the breach. The deal was on the order of $2.8 million.
New Cold War accusations
After news of the hack broke, President Donald Trump took to Twitter to speculate that China might be responsible. He took this opportunity to add vitriol to the racist campaign he has led against that country in the midst of the COVID-19 pandemic and the broader anxiety within the U.S. ruling class about China’s growing economic power.
U.S. Secretary of State Mike Pompeo, Attorney General William Barr and other leading officials claimed, without providing any evidence, that Russia was behind the breach. U.S. corporate media outlets were quick to pick up and significantly amplify the anti-Russia hostility that has been carted out at every opportunity, especially over the last few years. The Russian government officially denied these accusations.
Responding to news of the hack, U.S. president-elect Joe Biden said that whoever was identified as the source of the breach “can be assured that we will respond. And probably respond in kind.” (msn.com, Dec. 24)
The breach is an especially crushing embarrassment for U.S. imperialism, which spends billions every year on developing sophisticated systems both to prevent such attacks and to more effectively threaten and wage wars on peoples across the globe.
In the big business press, various officials and cybersecurity experts have begun open speculation about how the U.S. government will ultimately characterize the breach — as an act of espionage, or as something more aggressive — and what the U.S. response should be, based on that accusation.
On Dec. 22, Russia and China embarked on a joint patrol mission over the Western Pacific — a significant development to strengthen ties between countries targeted in a developing new Cold War by the U.S. and other imperialist powers. (apnews.com, Dec. 15)
Warfare behind the computer screen
The U.S. government is quick to cry foul when targeted by cyberattacks. But the reality is that the Pentagon and the U.S. government have pioneered and carried out some of the most vicious and extensive cyberattacks across the globe.
In 2010, the U.S. government conducted a cyber attack against an Iranian nuclear facility, using malware called Stuxnet, which damaged or destroyed upwards of 1,000 nuclear centrifuges, by some estimates. Iran has long maintained that its nuclear program is strictly for peaceful purposes of economic development, not for weapons.
In 2013, Chinese research institutions, technology companies and mobile phone carriers were targeted by a U.S. hack that mined extensive information from millions of Chinese people and from higher-level targets. This attack came to light in a trove of documents from the U.S. National Security Agency released by whistleblower Edward Snowden.
And in 2019, the Russian electrical grid came under a cyberattack led by the U.S. Cyber Command, as reported by the New York Times. (June 15, 2019)
These are but a few of the numerous instances of cyberattacks carried out by the U.S. government in recent years, not to mention many other ways that the Pentagon has employed technology — namely by the extensive use of drone warfare — to rain terror and destruction down on people around the world in the quest by the U.S. ruling class to hold onto power and profit.
Continuing to prop up U.S. militarism, on Dec. 8, 2020, Congress passed a $740 billion budget for the Pentagon. Despite it being vetoed by Trump, Congress is expected to easily override that veto and authorize this staggering budget.
Congress passed the military budget with near unanimous consensus from both the Democratic and Republican parties. But for months they refused to pass meager economic assistance for the tens of millions of workers and oppressed people struggling to survive in the current staggering economic crisis. Many millions have lost their jobs and healthcare, and are now experiencing hunger, the threat of eviction and loss of their homes, and other severe hardships during the ongoing COVID-19 pandemic.
The goal of the U.S. government is to maximize the profits of the ruling class, whatever the human cost. It refuses to respond comprehensively to the desperate needs of people living and dying within its borders. Whether the recent hacking came from its imperialist rivals or others, it is clear that U.S. attacks for profit on people around the world – through direct military war and indirect economic war by sanction – have created more than enough reasons for the recent historic cyberattack on U.S. government and corporate entities.