Billions spent on U.S. defenses failed to detect giant Russian hack

Einstein missed it — because the Russian hackers brilliantly designed their attack to avoid setting it off. The National Security Agency and the Department of Homeland Security were looking elsewhere, understandably focused on protecting the 2020 election.

The new American strategy of “defend forward” — essentially, putting American “beacons” into the networks of its adversaries that would warn of oncoming attacks and provide a platform for counterstrikes — provided little to no deterrence for the Russians, who have upped their game significantly since the 1990s, when they launched an attack on the Defense Department called Moonlight Maze…

Inside banks and Fortune 500 companies, executives are also trying to understand the impact of the breach. Many use Orion, the network management tool that the hackers quietly bored into in order to carry out their intrusions; it is made by the Austin, Texas-based company SolarWinds. Los Alamos National Laboratory, where nuclear weapons are designed, also uses it, as do major military contractors.

“How is this not a massive intelligence failure, particularly since we were supposedly all over Russian threat actors ahead of the election,” Robert K. Knake, a senior Obama administration cybersecurity official, asked on Twitter on Wednesday. “Did the N.S.A. fall in a giant honey pot while the S.V.R.” — Russia’s most sophisticated spying agency — “quietly pillaged” the government and private industry?