Advertisement

Russia ‘pretty clearly’ behind cyberattack on U.S., Pompeo says

Click to play video: 'Gov’t agency warns infrastructure at risk from cyberattacks'
Gov’t agency warns infrastructure at risk from cyberattacks
The Canadian Centre for Cyber Security’s new report says the most pressing threat to Canadians is from hacked infrastructure. Saskatchewan's utilities said they're prepared - but a cybersecurity expert warns it's an ongoing competition – Nov 20, 2020

Secretary of State Mike Pompeo says Russia was “pretty clearly” behind the gravest cyberattack against the United States on record, the first administration official to publicly tie the Kremlin to the widespread intrusion at a time when President Donald Trump has kept silent on the failure to protect government and private-sector computer networks.

It’s not clear exactly what the hackers were seeking, but experts say it could include nuclear secrets, blueprints for advanced weaponry, COVID-19 vaccine-related research and information for dossiers on key government and industry leaders.

“We’re still unpacking precisely what it is, and I’m sure some of it will remain classified,” Pompeo said in an interview late Friday with radio talk show host Mark Levin.

Story continues below advertisement

“But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world as well. This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”

Click to play video: 'Several attempts have been made to infect information systems in Fredericton'
Several attempts have been made to infect information systems in Fredericton

Russia has said it had “nothing to do” with the hacking.

Deputy White House press secretary Brian Morgenstern told reporters Friday that national security adviser Robert O’Brien has sometimes been leading multiple daily meetings with the FBI, the Department of Homeland Security and the intelligence agencies, looking for ways to mitigate the hack.

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.

Get daily National news

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

He would not provide details, “but rest assured we have the best and brightest working hard on it each and every single day.”

Story continues below advertisement

The Democratic leaders of four House committees given classified briefings by the administration on the hack issued a statement complaining that they “were left with more questions than answers.”

“Administration officials were unwilling to share the full scope of the breach and identities of the victims,” they said.

Click to play video: 'CSIS says foreign actors engaging in COVID-19 disinformation'
CSIS says foreign actors engaging in COVID-19 disinformation

Pompeo, in the interview with Levin, said Russia was on the list of “folks that want to undermine our way of life, our republic, our basic democratic principles. … You see the news of the day with respect to their efforts in the cyberspace. We’ve seen this for an awfully long time, using asymmetric capabilities to try and put themselves in a place where they can impose costs on the United States.”

What makes this hacking campaign so extraordinary is its scale: 18,000 organizations were infected from March to June by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds.

Story continues below advertisement

It’s going to take months to kick elite hackers out of the U.S. government networks they have been quietly rifling through since as far back as March.

Click to play video: 'CSIS links Russia, China and Iran to COVID-19 misinformation'
CSIS links Russia, China and Iran to COVID-19 misinformation

Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into U.S. agencies and was among the victims, has already tallied dozens of casualties. It’s racing to identify more.

Many federal workers — and others in the private sector — must presume that unclassified networks are teeming with spies. Agencies will be more inclined to conduct sensitive government business on Signal, WhatsApp and other encrypted smartphone apps.

“We should buckle up. This will be a long ride,” said Dmitri Alperovitch, co-founder and former chief technical officer of the leading cybersecurity firm CrowdStrike.

Story continues below advertisement

“Cleanup is just phase one.”

The only way to be sure a network is clean is “to burn it down to the ground and rebuild it,” Schneier said.

Click to play video: 'Beijing describes Canadian accusations on China being cyber-crime threat as ‘groundless’'
Beijing describes Canadian accusations on China being cyber-crime threat as ‘groundless’

Florida became the first state to acknowledge falling victim to a SolarWinds hack. Officials told The Associated Press that hackers apparently infiltrated the state’s health care administration agency and others.

SolarWinds’ customers include most Fortune 500 companies, and it’s U.S. government clients are rich with generals and spymasters.

If the hackers are indeed from Russia’s SVR foreign intelligence agency, as experts believe, their resistance may be tenacious. When they hacked the White House, the Joint Chiefs of Staff and the State Department in 2014 and 2015 “it was a nightmare to get them out,” Alperovitch said.

Story continues below advertisement

The Pentagon has said it has so far not detected any intrusions from the SolarWinds campaign in any of its networks — classified or unclassified.

Sponsored content

AdChoices