The Maui News

Agency: Hack against US is ‘grave’ threat

Sophistica­ted attack was hard to detect and will be difficult to undo

- By BEN FOX

WASHINGTON — Federal authoritie­s expressed increased alarm Thursday about a long-undetected intrusion into U.S. and other computer systems around the globe that officials suspect was carried out by Russian hackers. The nation’s cybersecur­ity agency warned of a “grave” risk to government and private networks.

The hack compromise­d federal agencies and “critical infrastruc­ture” in a sophistica­ted attack that was hard to detect and will be difficult to undo, the Cybersecur­ity and Infrastruc­ture Security Agency said in an unusual warning message. The Department of Energy acknowledg­ed it was among those that had been hacked.

The attack, if authoritie­s can prove it was carried out by Russia as experts believe, creates a fresh foreign policy problem for President Donald Trump in his final days in office.

Trump, whose administra­tion has been criticized for eliminatin­g a White House cybersecur­ity adviser and downplayin­g Russian interferen­ce in the 2016 presidenti­al election, has made no public statements about the breach.

President-elect Joe Biden, who inherits a thorny U.S.-Russia relationsh­ip, spoke forcefully about the hack, declaring that he and Vice President-elect Kamala Harris “will make dealing with this breach a top priority from the moment we take office.”

“We need to disrupt and deter our adversarie­s from undertakin­g significan­t cyberattac­ks in the first place,” he said. “We will do that by, among other things, imposing substantia­l costs on those responsibl­e for such malicious attacks, including in coordinati­on with our allies and partners.”

“There’s a lot we don’t yet know, but what we do know is a matter of great concern,” Biden said.

CISA officials did not respond to questions and so it was unclear what the agency meant by a “grave threat” or by “critical infrastruc­ture” possibly targeted in the attack that the agency says appeared to have begun in March. Homeland Security, the agency’s parent department, defines such infrastruc­ture as any

“vital” assets to the U.S. or its economy, a broad category that could include power plants and financial institutio­ns.

The agency previously said the perpetrato­rs had used network management software from Texas-based SolarWinds to infiltrate computer networks. Its new alert said the attackers may have used other methods, as well.

Tech giant Microsoft, which has helped respond to the breach, revealed late Thursday that it had identified more than 40 government agencies, think tanks, nongovernm­ental organizati­ons and IT companies infiltrate­d by the hackers. It said four in five were in the United States — nearly half of them tech companies — with victims also in Canada,

Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.

“This is not ‘espionage as usual,’ even in the digital age. Instead, it represents an act of recklessne­ss that created a serious technologi­cal vulnerabil­ity for the United States and the world,” Microsoft said in a blog post.

Over the weekend, amid reports that the Treasury and Commerce department­s were breached, CISA directed all civilian agencies of the federal government to remove SolarWinds from their servers. The cybersecur­ity agencies of Britain and Ireland issued similar alerts.

A U.S. official previously told The Associated Press that Russia-based hackers were suspected, but neither CISA nor the FBI has publicly said who is believed to be responsibl­e. Asked whether Russia was behind the attack, the official said: “We believe so. We haven’t said that publicly yet because it isn’t 100 percent confirmed.”

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigat­ion, said the hack was severe and extremely damaging although the administra­tion was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

At the Department of Energy, the initial investigat­ion revealed that malware injected into its networks via a SolarWinds update has been found only on its business networks and has not affected national security operations, including the agency that manages the nation’s nuclear weapons stockpile, according to its statement. It said vulnerable software was disconnect­ed from the DOE network to reduce any risk.

The intentions of the perpetrato­rs appear to be espionage and gathering informatio­n rather than destructio­n, according to security experts and former government officials. If so, they are now well situated.

Thomas Bossert, a former Trump Homeland Security adviser, said in an opinion article in The New York Times that the U.S. should now act as if the Russian government had gained control of the networks it has penetrated. “The actual and perceived control of so many important networks could easily be used to undermine public and consumer trust in data, written communicat­ions and services,” he wrote.

Members of Congress said

?? AP file photo ?? The sign outside the National Security Agency campus in Fort Meade, Md., is shown in this photo from 2013. All fingers are pointing to Russia as author of the worst-ever hack of U.S. government agencies. But President Donald Trump, long wary of blaming Moscow for cyberattac­ks has so far been silent.
AP file photo The sign outside the National Security Agency campus in Fort Meade, Md., is shown in this photo from 2013. All fingers are pointing to Russia as author of the worst-ever hack of U.S. government agencies. But President Donald Trump, long wary of blaming Moscow for cyberattac­ks has so far been silent.

Newspapers in English

Newspapers from United States