Secretary of State Mike Pompeo said on Friday evening that Russia was “clearly enough” behind the most serious cyberattack on record against the United States. Pompeo is the first administration official to publicly link the Kremlin to the widespread intrusion, at a time when President Trump has remained silent about the failure to protect government and private sector computer networks.
It’s unclear exactly what the hackers were looking for, but experts say it could include nuclear secrets, plans for advanced weaponry, research related to the COVID-19 vaccine, and information for files on top government and industry leaders.
“We’re still unboxing precisely what it is, and I’m sure some will be kept under wraps,” Pompeo said in an interview Friday night with radio talk show host Mark Levin. “But suffice it to say that there has been a significant effort to use third-party software to basically embed code into US government systems and, it now appears, systems from private companies and from US companies and governments across the whole world as well. It was a very significant effort, and I think we can now say quite clearly that it was the Russians who engaged in this activity.”
Russia said it had “nothing to do” with the hacking.
White House Deputy Press Secretary Brian Morgenstern told reporters on Friday that National Security Advisor Robert O’Brien occasionally leads several daily meetings with the FBI, the Department of Homeland Security and the intelligence agencies, looking for ways to mitigate the hack.
He wouldn’t provide details, “but rest assured we have the best and the brightest working hard every day.”
Democratic leaders of four House committees, briefed by the administration on the hack, issued a statement complaining that they “were left with more questions than answers.”
“Administration officials were unwilling to share the full extent of the violation and the identity of the victims,” they said.
Pompeo, in the Levin interview, said that Russia was on the list of “people who want to undermine our way of life, our republic, our basic democratic principles …. You see the news of the day regarding their efforts in cyberspace. We’ve seen this for a very long time, using asymmetric capabilities to try to put themselves in a place where they can impose costs on the United States.”
What makes this hacking campaign so extraordinary is its scale: 18,000 organizations were infected from March to June with malicious code that relied on popular network management software from a company in Austin, Texas, called SolarWinds.
It will take months to expel elite hackers from the US government networks they have been quietly exploring since March.
Experts say there are simply not enough skilled threat hunting teams to properly identify all government and private sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into US agencies and was among the victims, has already identified dozens of victims. It is racing to identify more.
Many federal workers – and others in the private sector – have to assume that unclassified networks are rife with spies. Agencies will be more inclined to conduct sensitive government activities on Signal, WhatsApp and other encrypted smartphone applications.
“We should tie up. It will be a long journey,” said Dmitri Alperovitch, co-founder and former CTO of leading cybersecurity company CrowdStrike. “Cleaning is only the first phase.”
The only way to make sure a network is clean is “to burn it down and rebuild it,” Schneier said.
Florida became the first state to admit being the victim of a SolarWinds hack. Officials told The Associated Press that hackers had apparently infiltrated the state’s health care administration agency and others.
SolarWinds’ clients include most of the Fortune 500 companies, and its US government clients are rich in generals and spies.
If the hackers are indeed from the Russian foreign intelligence agency SVR, as experts believe, their resistance may be stubborn. When they hacked into the White House, the Joint Chiefs of Staff and the State Department in 2014 and 2015 “it was a nightmare to get them out,” Alperovitch said.
The Pentagon said it had so far detected no intrusion by the SolarWinds campaign into any of its networks – classified or unclassified.
Associated Press editors Matthew Lee in Washington and Bobby Caina Calvan in Tallahassee, Florida contributed to this report.