This week, American businesses and government institutions reported that Russian hackers had infiltrated sensitive networks throughout their systems and were still present and able to cause immeasurable damage.
President Donald Trump only acknowledged the hacking on Saturday almost a week after it surfaced, downplaying its importance and questioning whether the Russians were to blame.
The extent of the breach is still being examined by officials but we do know that the computer systems at the Treasury, Commerce, and Homeland Security departments were successfully infiltrated.
“I have been fully briefed and everything is well under control,” Trump tweeted in his first public comments on the hack, adding that “Russia Russia Russia is the priority chant when anything happens” and suggesting without offering evidence that China “may” also be involved.
A U.S. official, speaking anonymously to the Associated Press on Thursday said the hack was a severe assault on our systems, saying, “This is looking like it’s the worst hacking case in the history of America. They got into everything.”
Trump’s response was in sharp contradiction to comments a day earlier from Secretary of State Mike Pompeo about both the source and the severity of the attack. Pompeo had said the breach — which cyber experts say could have far-reaching impact and take months to unravel — was “pretty clearly” Russia’s work.
“There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems,” Pompeo told interviewer Mark Levin, alluding to widely used security software from Texas firm SolarWinds.
Joe Biden’s have options for Russian hacking punishment: sanctions, cyber response
President-elect Joe Biden’s team will consider several options to punish Russia for its suspected role in the unprecedented hacking of US government agencies and companies once he takes office, from new financial sanctions to cyberattacks on Russian infrastructure, people familiar with the matter say.
The response will need to be strong enough to impose a high economic, financial or technological cost on the perpetrators, but avoid an escalating conflict between two nuclear-armed Cold War adversaries, said one of the people familiar with Biden’s deliberations, speaking on condition of anonymity.
The overarching goal of any action, which could also include stepped-up counter cyber espionage efforts, would be to create effective deterrence and diminish the potency of future Russian cyber spying, the person said.
The unfolding crisis – and the lack of visibility over the extent of the infiltration into the computer networks of federal agencies including the Treasury, Energy, and Commerce Departments – will push to the front of Biden’s agenda when he takes office on Jan. 20.
CNN said White House officials had made plans Friday to release a statement directly blaming Russia before it was abruptly pulled back for unclear reasons
Playing down threats
It was far from the first time the president has played down apparent threats from Russia, starting with his refusal to recognize interference by Moscow in the 2016 election despite the clear finding of U.S. intelligence agencies.
Russia has denied involvement in the latest attack, but several officials in and out of the U.S. government have pointed the finger at Moscow, and none at Beijing.
There was no immediate reaction from China.
Dramatic details about the extraordinarily wide attack have emerged even as President-elect Joe Biden prepares to take office next month amid already high tensions with Moscow.
Biden has expressed “great concern” over the breach.
The US Cybersecurity and Infrastructure Security Agency said Thursday that the attack poses a “grave risk” and thwarting it would be “highly complex.” It did not identify those behind it.
On Friday, Senator Marco Rubio, a prominent Republican, tweeted that “the methods used to carry out the cyber hack are consistent with Russian cyber operations,” while adding that it was crucial to be certain.
“We can’t afford to be wrong on attribution, because America must retaliate, and not just with sanctions.”
In a move planned before news of the cyberattack emerged, the State Department on Saturday confirmed plans to close the two remaining U.S. consulates in Russia, in Vladivostok and Yekaterinburg, due to “ongoing staffing challenges.”
Among the government agencies affected by the cyberattack, according to media reports, are the departments of State, Treasury, Commerce, and Homeland Security.
Also targeted were the National Institutes of Health — at a time of keen interest in coronavirus vaccines — as well as the Energy Department and National Nuclear Security Administration, which manage the nuclear weapons stockpile.
Microsoft said Thursday that it had notified more than 40 customers hit by the malware, which security experts say could allow attackers unfettered network access to key government systems and electric power grids and other utilities.
Roughly 80 percent of the affected customers are located in the United States, Microsoft president Brad Smith said in a blog post, with victims also found in Belgium, Britain, Canada, Israel, Mexico, Spain, and the United Arab Emirates.
“The number and location of victims will certainly keep growing,” Smith said.
NATO said Saturday it was checking its computer systems but had found “no evidence of compromise.”
The European Commission said Saturday it had not found any computer system intrusion but was “analyzing the situation.”
In one of his two tweets Saturday, Trump attempted to link the cyberattack to his persistent efforts to undercut Biden’s election win.
“There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA.”
In an Opinion piece for the New York Times, Thomas Bossert, a former Trump Homeland Security adviser, said the U.S. should act as though the Russians had full control of those hacked systems, writing, “The actual and perceived control of so many important networks could easily be used to undermine public and consumer trust in data, written communications, and services.”
Republican Sen. Mitt Romney, R-Utah. described the situation as dire, saying the “Cyber hack is like Russian bombers have been repeatedly flying undetected over our entire country.”’
The hackers initially targeted a network management software company called SolarWinds to infiltrate other private and government computer networks.
Microsoft, which has pitched in to try to identify and contain the breach reported this week that it had identified more than 40 government agencies, think tanks, non-governmental organizations, and IT companies infiltrated by the hackers, as the AP reported.
Most of the hacking victims were in the United States but there were also successful attacks in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel, and the United Arab Emirates.
President Trump must respond, vocally to this attack. The administration must be stern and to the point and it must be made clear to Russia that the United States will not tolerate this.
Incoming President-elect Joe Biden struck the right tone in his official response this week.
“We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” Biden said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”
Early in his administration, Trump hit Russia with numerous sanctions after the infamous election meddling of 2016. Later he attacked and killed Russian mercenaries in Syria and sold sophisticated weapons to Ukraine as a deterrent to Russian aggression.
If similar measures or actions are on the table, as well as our offensive cyber capabilities it would be appropriate to employ them. It may be that timing of the retaliatory measures would be best suited for the Biden administration but either way, we need a response from the current president ASAP.