Rock Island Arsenal will 'neither confirm nor deny' whether it was swept up in Russian hack
By TOM BARTON | Quad City Times | Published: December 24, 2020
(Tribune News Service) — U.S. Army officials on Wednesday would not say whether the Rock Island Arsenal was part of a massive breach of U.S. government agencies blamed on Russian hackers.
Citing "security concerns," Arsenal public affairs officer Eric Cramer told the Quad-City Times that Army officials "can neither confirm nor deny that we were in any way affected by the Russian hack."
"We take our network security very seriously and are vigilant in protecting the Rock Island Arsenal network," Cramer said.
A spokesperson for U.S. Rep. Cheri Bustos, D-Ill., said her office did not have information to share about whether the Arsenal was compromised as result of the far-reaching hack.
"The Department of Defense is currently investigating the extent of these hacks," Heather Sager, Busto's communications director, said in a statement. "For our national security, Congresswoman Bustos believes it is critical that these incidents are investigated fully and supports next steps to protect us from future attacks."
The long-undetected breach encompasses a broad spectrum of federal agencies and "critical infrastructure," according to the nation's cybersecurity agency, posing security problems ranging from the Treasury Department to Iowa State University, which decommissioned servers to check whether hackers got in.
"Iowa State University learned last week that it was one of the 18,000 customers affected by the SolarWinds security breach," according to a statement from from the university. "At this time, there is no evidence the university was targeted in this attack or that its infrastructure was compromised. It does not appear any sensitive or personal information of students, faculty or staff was compromised. Iowa State's information technology team continues to investigate. It has decommissioned affected servers and will take additional remediation steps as needed."
Effects and consequences of the hack are still being assessed, the Associated Press reported, though the Department of Homeland Security's cybersecurity arm said in a statement last week that the intrusion posed a "grave" risk to government and private networks.
The U.S. security agency has said the cyber-espionage campaign appears to have begun last March with malware, affecting a product made by U.S. company SolarWinds, which gave elite Russian hackers remote access into an organization's networks so they could steal information.
The intrusion was not discovered for months, until the prominent cybersecurity company FireEye determined it had been hacked.
Tech giant Microsoft, which has helped respond to the breach, revealed last week that it had identified more than 40 government agencies, think tanks, nongovernmental organizations and IT companies infiltrated by the hackers.
Secretary of State Mike Pompeo and Attorney General William Barr have stated publicly that they believe Russia was to blame, matching consensus of others in the U.S. government and of the cybersecurity community.
The Associated Press contributed to this report.