When Russian hackers first slipped their digital Trojan horses into federal government computer systems, probably sometime in the spring, they sat dormant for days, doing nothing but hiding. Then the malicious code sprang into action and began communicating with the outside world.
At that moment — when the Russian malware began sending transmissions from federal servers to command-and-control computers operated by the hackers — an opportunity for detection arose, much as human spies behind enemy lines are particularly vulnerable when they radio home to report what they’ve found.
Why then, when computer networks at the State Department and other federal agencies started signaling to Russian servers, did nobody in the U.S. government notice that something odd was afoot?
The answer is part Russian skill, part federal government blind spot.
The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it. https://t.co/wIwZzTuowZ
— The Washington Post (@washingtonpost) December 16, 2020