Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack – The New York Times:

Over the past few years, the United States government has spent tens of billions of dollars on cyberoffensive abilities, building a giant war room at Fort Meade, Md., for United States Cyber Command, while installing defensive sensors all around the country — a system named Einstein to give it an air of genius — to deter the nation’s enemies from picking its networks clean, again.

It now is clear that the broad Russian espionage attack on the United States government and private companies, underway since spring and detected by the private sector only a few weeks ago, ranks among the greatest intelligence failures of modern times.

Einstein missed it — because the Russian hackers brilliantly designed their attack to avoid setting it off. The National Security Agency and the Department of Homeland Security were looking elsewhere, understandably focused on protecting the 2020 election.

It is unclear at this point just how badly US government systems were compromised—it’s pretty bad—but we know which nationstate is responsible for it, and we should apply economic sanctions as well as block all Russian IPs from reaching the US via the internet. I expect that the US response will be significant—after Trump is out of office.