Data leak
Moonlight Maze: Russian State Espionage Against US DoD, NASA, DoE (1996–1999)
Primary Source – Incident Details
Moonlight Maze is one of the first documented nation-state cyber-espionage campaigns against the United States. Beginning as early as October 1996 and continuing through at least 1999, Russian state-sponsored actors conducted systematic, long-running intrusions against US government networks. In 2017 researchers from Kaspersky and King's College London attributed the campaign to the Turla APT group, the operators of the Snake/Uroburos toolset active since at least 2008, on the basis of code overlap between the attackers' LOKI2-based Linux backdoor and Turla's later Penquin Turla backdoor. Targets included the US Department of Defense, NASA, the Department of Energy, research universities, and defense contractors. The attackers stole classified and sensitive material: military research papers, field maps, troop configurations, missile guidance schematics, encryption techniques, and other defense-related documents. Investigators estimated that, printed and stacked, the stolen information would stand three times the height of the Washington Monument. The intrusion was discovered when an administrator at Wright-Patterson Air Force Base noticed unexplained late-night connections originating from a system with a Cyrillic keyboard layout. The FBI and DoD launched a joint investigation. Moonlight Maze is regarded as a precursor to modern APT operations and the first widely documented example of state-level cyber espionage against US government infrastructure. It directly led to the establishment of the DoD's Joint Task Force-Computer Network Defense (JTF-CND) in December 1998.
Technical Details
- Initial Attack Vector
- Russian state-sponsored actors (later linked to the Turla APT group) compromised computers at US universities and research institutions and used them as proxies for systematic intrusions against DoD, NASA, DoE, and contractor networks. The activity was discovered when an administrator noticed late-night connections from a system with a Cyrillic keyboard layout, rather than by any automated alert.
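The discovery described above came down to a human noticing interactive sessions at the wrong time of day from the wrong place. The following Python is an added example written for this page, not tooling from the Moonlight Maze investigation or from any of the organisations named here; it shows the kind of check that turns that observation into a repeatable triage step. It groups remote login sessions by source address, ignores sources on an internal allowlist, and flags external sources whose sessions cluster in a local night window. The log format, hostnames, usernames, RFC 5737 documentation addresses, and the thresholds are all constructed for the example; proxying through compromised university hosts is exactly why the allowlist must be narrow, since such sources look like ordinary academic peers.

```python
"""Off-hours remote-login triage (added illustration, not investigation tooling).

Flags external sources whose interactive sessions fall mostly in a local night
window. Log shape, addresses, names and thresholds are constructed assumptions.
"""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in a syslog-like shape; timestamps are site-local time.
# Addresses come from RFC 5737 documentation ranges; hostnames are invented.
SAMPLE_LOG = """\
1998-03-14T02:17:43 ws12 login: session opened for user jsmith from 198.51.100.23
1998-03-14T02:49:10 ws12 login: session opened for user jsmith from 198.51.100.23
1998-03-15T03:05:51 ws07 login: session opened for user rlee from 198.51.100.23
1998-03-15T09:12:08 ws07 login: session opened for user rlee from 10.20.30.40
1998-03-15T23:58:30 ws03 login: session opened for user admin from 203.0.113.77
1998-03-16T01:22:04 ws03 login: session opened for user admin from 203.0.113.77
1998-03-16T14:40:19 ws12 login: session opened for user jsmith from 10.20.30.41
1998-03-16T04:02:45 ws09 login: session opened for user tkim from 192.0.2.200
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) login: session opened for user "
    r"(?P<user>\S+) from (?P<src>\S+)$"
)

# Assumed internal ranges; sessions from here are not treated as remote.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Assumed local night window: 22:00 through 05:59.
NIGHT_START, NIGHT_END = 22, 6


def is_off_hours(ts: datetime) -> bool:
    """True when the timestamp falls inside the night window."""
    return ts.hour >= NIGHT_START or ts.hour < NIGHT_END


def is_internal(addr: str) -> bool:
    """True when the address belongs to one of the allowlisted internal networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def parse_log(text: str):
    """Yield (timestamp, host, user, source) for each well-formed line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable lines are skipped, not fatal
        yield datetime.fromisoformat(m["ts"]), m["host"], m["user"], m["src"]


def flag_off_hours_sources(text: str, min_sessions: int = 2, min_fraction: float = 0.75):
    """Return {source: (total, off_hours, users, hosts)} for external sources
    whose sessions are mostly at night. Single sessions are ignored to cut noise;
    the user and host sets show how far one source has spread across the site."""
    stats = defaultdict(lambda: {"total": 0, "off": 0, "users": set(), "hosts": set()})
    for ts, host, user, src in parse_log(text):
        if is_internal(src):
            continue
        s = stats[src]
        s["total"] += 1
        s["off"] += int(is_off_hours(ts))
        s["users"].add(user)
        s["hosts"].add(host)

    flagged = {}
    for src, s in stats.items():
        if s["total"] >= min_sessions and s["off"] / s["total"] >= min_fraction:
            flagged[src] = (s["total"], s["off"], sorted(s["users"]), sorted(s["hosts"]))
    return flagged


if __name__ == "__main__":
    for src, (total, off, users, hosts) in flag_off_hours_sources(SAMPLE_LOG).items():
        print(f"{src}: {off}/{total} sessions off-hours, users={users}, hosts={hosts}")
```

On the constructed sample this flags 198.51.100.23 (three night sessions touching two users on two hosts) and 203.0.113.77, and ignores the single 04:02 login from 192.0.2.200 as below the session threshold. The fraction threshold rather than a hard "all sessions at night" rule is deliberate: an operator working from a distant time zone through a relay will occasionally overlap local business hours, and one daytime session should not clear the source.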
Timeline
- 1996-10-01 Earliest known intrusion activity
- 1999-03-01 Publicly disclosed