The Succeeding New York Times has the story:
The Trump administration acknowledged on Sunday that hackers acting on behalf of a foreign government — almost certainly a Russian intelligence agency, according to federal and private experts — broke into a range of key government networks, including in the Treasury and Commerce Departments, and had free access to their email systems.
Officials said a hunt was on to determine if other parts of the government had been affected by what looked to be one of the most sophisticated, and perhaps among the largest, attacks on federal systems in the past five years. Several said national security-related agencies were also targeted, though it was not clear whether the systems contained highly classified material.
The Trump administration said little in public about the hack, which suggested that while the government was worried about Russian intervention in the 2020 election, key agencies working for the administration — and unrelated to the election — were actually the subject of a sophisticated attack that they were unaware of until recent weeks.
The hackers have had access since the spring. A similar attack happened to the Obama administration in 2014 and 2015.
Coincidentally, this morning I began reading Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers Kindle Edition, by Andy Greenberg (affiliate link). Two chapters in, it’s a compelling book that reads like a novel. Before reading the New York Times story, I had planned to write a post about how cyber attacks are like pandemics: a handful of people warn about them, but nobody listens until it is too late.
The attack on Treasury and Commerce is small potatoes. Much worse could happen. But maybe we should start paying attention now, rather than later.