U.S.: HACKING ‘LIKELY’ CAME FROM RUSSIA
U.S. intelligence agencies formally named Russia as the “likely” source of the broad hacking of the U.S. government and private companies, and declared that the operation was “ongoing ” nearly a month after it was discovered.
The statement — jointly issued by four government agencies — was a clear rebuke of President Donald Trump’s effort, in posts on Twitter, to suggest that China was behind the hacking. Inside the intelligence agencies, there are few doubts that Russia is responsible. There has been no information gathered pointing to China, according to people briefed on the material.
The statement also underscored the degree to which U.S. intelligence agencies are still playing catchup, after being alerted in mid-December by private security firms to the broadest and deepest penetration of U.S. computer networks in modern times.
The carefully worded statement was as definitive a blaming of Russia as the United States has made, and echoed statements made in 2016 about the Kremlin’s interference in the election. It took months in that case to link the attacks back to orders given by President Vladimir Putin.
Putin and his lead intelligence agency, the SVR, were not mentioned in the statement issued Tuesday. But the broad conclusion that Russia was the likely source of the penetration of U.S. systems had already been announced by Secretary of State Mike Pompeo and the attorney general at the time, William Barr.
Still, a formal conclusion sets the stage for retaliation.
The statement said that a still unidentified cyberactor, “likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cybercompromises of both government and nongovernmental networks.”
It added: “At this time, we believe this was, and continues to be, an intelligence gathering effort.”
The characterization of the intrusion as an “intelligence gathering effort” was significant, because it indicates there is no indication that Russians had planted malware in U.S. systems in order to cause disruptions to power grids or alter data in government or private databases.
But in interviews over the past two weeks, government and private officials have said they are still discovering the scope of the intrusions, and it may take months to figure out whether Russia or others may make more malicious use of “back doors” they placed in the systems.