Cyberattacks in the U.S. Federal Government: A Timeline Spanning 2018 - Early 2021
July 19, 2021
In 2018, the U.S. was the country most severely affected by cybercrime in terms of financial loss. Industry experts estimate the U.S. government faced costs of over 13.7 billion U.S. dollars as a result of cyberattacks.
Some recent significant cyber incidents include:
- At least two groups of China-linked hackers spent months using a previously undisclosed vulnerability in American virtual private networking (VPN) devices to spy on the U.S. defense industry.
- Email systems were breached at the Treasury and Commerce Departments by hackers acting on behalf of a Russian intelligence agency. According to federal and private experts, the cyber attackers broke into a range of important government networks, including in the Treasury and Commerce Departments, and gained free access to their email systems.
- The U.S. Cyber Command conducted more than 12 operations to confront foreign threats ahead of the 2020 U.S. elections, including 11 forward hunt operations in nine different countries.
- U.S. Cyber Command confirmed it assisted Columbia in responding to election interference and influence operations.
- Chinese government hackers targeted Microsoft’s enterprise email software to steal data from over 30,000 organizations around the world, including government agencies, legislative bodies, law firms, defense contractors, infectious disease researchers, and policy think tanks.
- The U.S. Department of Justice accused three North Korean hackers of conspiring to steal and extort over $1.3 billion in cash and cryptocurrencies.
- North Korean hackers attempted to break into the computer systems of pharmaceutical company Pfizer to gain information about vaccines and treatments for COVID-19.
- Over 200 organizations around the world, including multiple U.S. government agencies, revealed breaches by Russian hackers who compromised the software provider SolarWinds and exploited their access to monitor internal operations and exfiltrate data.
- Iranian state hackers used a Christmas theme for a spear-phishing campaign targeting think tanks, research organizations, academics, journalists, and activists in the U.S., Persian Gulf, and EU.
- CISA and the FBI announced that the U.S. think tanks focusing on national security and international affairs were being targeted by state-sponsored hacking groups.
- U.S. Cyber Command and the NSA conducted offensive cyber operations against Iran to prevent interference in the forthcoming U.S. elections.
- The U.S. government announced Iranian hackers targeted state election websites to download voter registration information and conduct a voter intimidation campaign.
- The FBI and CISA announced a Russian hacking group breached U.S. state and local government networks, as well as aviation networks, and exfiltrated data.
How Can We Prevent Cyberattacks?