[ad_1]
Secretary of State Mike Pompeo said on Friday it was clear Russia was behind the widespread hacking into government systems that officials this week called a “serious risk” to the United States.
Mr Pompeo is the first member of the Trump administration to publicly link the Kremlin to the cyberattack, which used a variety of sophisticated tools to infiltrate dozens of government and private systems, including nuclear laboratories and Pentagon departments , Treasury and Commerce.
“I think this is the case that now we can say quite clearly that it was the Russians who engaged in this activity,” Pompeo said in an interview on the Mark Levin Show.
“It was a very significant effort,” he said, adding that “we are still unpacking precisely what it is.”
President Trump has yet to address the attack, which has been ongoing since the spring and was detected by the private sector only a few weeks ago. Until Friday, Mr Pompeo had played down the episode as one of many daily attacks on the federal government.
But intelligence agencies told Congress they believe it was done by the SVR, an elite Russian intelligence agency.
As evidence of the scope of the attack accumulated this week, the Cybersecurity and Infrastructure Security Agency sent an urgent warning on Thursday that hackers had “demonstrated an ability to exploit software supply chains and shown an significant knowledge of Windows networks.
The agency added that it was likely that some of the attackers’ tactics, techniques and procedures had “not yet been discovered”. Investigators say it could take months to determine to what extent U.S. networks and the tech supply chain have been compromised.
Microsoft said it had identified 40 companies, government agencies and think tanks that hackers had infiltrated. Nearly half are private tech companies, Microsoft said, many of which are cybersecurity firms, like FireEye, tasked with securing large sections of the public and private sector.
“There are more non-government victims than government victims, with a big focus on IT companies, especially in the security industry,” said Brad Smith, president of Microsoft, in an interview Thursday.
FireEye was the first to inform the government that hackers had infected periodic software updates released by a company called SolarWinds since at least March. SolarWinds manufactures critical network monitoring software used by government, hundreds of Fortune 500 companies, and companies that oversee critical infrastructure, including the power grid.
National Security Advisor Robert C. O’Brien cut short a trip to the Middle East and Europe on Tuesday and returned to Washington to hold crisis meetings to assess the situation. The FBI, the Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence have formed an emergency response group, the Cyber Unified Coordination Group, to coordinate government responses to what agencies have called a “Significant and ongoing cybersecurity campaign”.
The Russians have denied any involvement. Russian Ambassador to the United States Anatoly I. Antonov said on Wednesday that there were “unfounded attempts by the US media to blame Russia” for the recent cyber attacks.
According to a person briefed on the attack, SVR hackers sought to hide their tracks by using US Internet addresses that allowed them to carry out attacks from computers in the very city – or appear to be – in which their victims were based. They created special pieces of code intended to avoid detection by American warning systems and timed their intrusions so as not to arouse suspicion.
The attacks, the person briefed on the matter said, show that the weak spot in the US government’s computer networks remains administrative systems, especially those which have a number of private companies working under contract.
President-elect Joseph R. Biden Jr. said Thursday his administration would impose “substantial costs” on officials.
“A good defense is not enough; we need to disrupt and deter our adversaries from undertaking major cyber attacks in the first place, ”Biden said, adding:“ I will not stand idly by in the face of cyber attacks on our nation. “
Investigators and other officials say they believe the purpose of the Russian attack was traditional espionage, the kind the National Security Agency and other agencies routinely conduct on foreign networks. But the scale and depth of the hacking raises concerns that hackers could eventually use their access to U.S. shutdown systems, corrupt or destroy data, or take control of computer systems that run industrial processes. So far, however, there has been no evidence that this is happening.
In federal agencies, the private sector and the utility companies that oversee the power grid, forensic investigators were still trying to unravel the extent of the compromise. But security teams say relief from some that they hadn’t used the compromised systems turned into panic on Thursday as they learned that other third-party apps may have been compromised.
Within federal agencies and the private sector, investigators say they have been hampered by classifications and a siled approach to information sharing.
“We have forgotten the lessons of September 11,” said Smith. “It hasn’t been a great week for information sharing and it turns companies like Microsoft into a sheepdog trying to bring these federal agencies together in one place and share what they know.”
Reporting was provided by David E. Sanger, Nicole Perlroth, Eric Schmitt and Julian Barnes.
[ad_2]
Source link