MASSIVE HACK IS ‘A GRAVE RISK’ TO U.S.
Officials fear fallout as Trump stays silent
The U.S. government’s cybersecurity agency warned Thursday that an array of federal and state agencies have likely been compromised in a suspected Russian espionage hack that one official dubbed the worst case of its kind “in the history of America.”
The Cybersecurity and Infrastructure Security Agency, commonly known by its acronym CISA, did not name the specific agencies or states targeted by the “complex” hacking operation, but noted that parts of the private sector were likely impacted as well.
“This threat poses a grave risk to the federal government and state, local, tribal and territorial governments as well as critical infrastructure entities and other private sector organizations,” CISA said in an unusual alert posted on its website, adding that “removing the threat actor from compromised environments will be highly complex and challenging.”
CISA and FBI have not officially pointed fingers at Russia, but federal officials speaking on condition of anonymity said the intrusion carries all the hallmarks of a Kremlin plot.
“This is looking like it’s the worst hacking case in the history of
America,” one official said. “They got into everything.”
Though CISA didn’t elaborate on which agencies were compromised, the Commerce and Agriculture Departments have publicly admitted they were hit by the attack, which began at least as early as March.
In an alarming development, Politico reported Thursday afternoon that the Energy Department and the National Nuclear Security Administration — which maintains the U.S. nuclear weapons stockpile — also had their computer systems breached.
Even though word of the suspected Russian hacking scheme first emerged last weekend, President Trump has not issued any public comment about it.
Trump’s outgoing administration has long faced criticism for eliminating a White House cybersecurity post and downplaying Russia’s interference in the 2016 election. Trump also recently fired CISA Director Christopher Krebs after Krebs disputed the president’s false claim that Joe Biden’s election victory was facilitated by fraud.
Biden issued a lengthy statement Thursday about the cyberattack and said his team has been briefed by intelligence officials.
“I want to be clear: My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office,” Biden said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as president, I will not stand idly by in the face of cyberassaults on our nation.”
The hackers used the software management system SolarWinds to tap into computer servers, according to CISA.
SolarWinds is used across various federal and state government agencies, raising concern among cybersecurity experts that anything from the Pentagon to public health agencies battling the coronavirus pandemic may have been compromised.
It’s not yet clear what type of information the hackers managed to access, but CISA said the “patient, well-resourced and focused” actors “sustained long duration activity on victim networks.”
CISA has instructed all federal and state agencies to disconnect or power down their SolarWinds products. However, the agency also warned that the hackers may have used other ports of entry as well.
“It is likely that the adversary has additional initial access vectors and tactics, techniques and procedures that have not yet been discovered,” the agency said.