A joint statement by the FBI, Directorate of National
Intelligence, the National Security Agency and Cybersecurity and Infrastructure
Security Agency outlined their findings in what experts have called the most
devastating break in U.S. computer security in years.
Their investigation "indicates that an Advanced
Persistent Threat (APT) actor, likely Russian in origin, is responsible for
most or all of the recently discovered, ongoing cyber compromises of both
government and non-governmental networks," they said.
Trump, who over four years has steadfastly avoided
criticizing Moscow, has refused to finger Russia in the hacking case.
"Russia, Russia, Russia is the priority chant when
anything happens," he tweeted about the hack in December, adding that the
media were, "for mostly financial reasons, petrified of discussing the
possibility that it may be China (it may!)."
Both Secretary of State Mike Pompeo and then-Attorney
General Bill Barr have also previously pointed to Moscow as the culprits.
According to CISA, the hack is focused on the Orion security
software produced by the U.S. firm SolarWinds, widely found in government and
private sector computers across the globe.
Some 18,000 public and private customers of SolarWinds would
be vulnerable to the hack, the statement said.
But it said that out of that number, "a much smaller
number have been compromised by follow-on activity on their systems."
So far investigators have found less than 10 U.S. government
agencies whose systems were compromised, the statement said.
The statement did not identify which agencies. But some have
admitted they were targets, including the State Department, Commerce
Department, Treasury, Homeland Security Department, Defense Department, and the
National Institutes of Health.
The intrusion, which began earlier this year, only became
public in December, revealed by private security consultants.
It sparked concerns that those behind it may have been able
to access highly classified government secrets.
The three agencies said that they believe the hack
"was, and continues to be, an intelligence gathering effort," rather
than an effort to steal corporate secrets or wreak damage on IT systems.
"This is a serious compromise that will require a sustained
and dedicated effort to remediate," they said.
The wording in the attribution, that it was
"likely" a breach by Russians, came under fire from a senior lawmaker
who had already been briefed by U.S. intelligence in December on it.
"It's unfortunate that it has taken over three weeks
after the revelation of an intrusion this significant for this Administration
to finally issue a tentative attribution," said Senator Mark Warner, vice
chairman of the Senate Intelligence committee.
"I would hope that we will begin to see something more
definitive," he said.
"We need to make clear to Russia that any misuse of
compromised networks to produce destructive or harmful effects is unacceptable
and will prompt an appropriately strong response."
0 comments:
Post a Comment