It’s unclear exactly what the hackers were looking for, but experts say it could include nuclear secrets, plans for advanced weapons, research related to the COVID-19 vaccine and information for files on key government and industry leaders.
“We’re still unpacking exactly what it is, and I’m sure some of it will remain classified,” Pompeo said in an interview late Friday with radio host Mark Levin. “But suffice to say, there was a significant effort to use a piece of third-party software to essentially embed code within US government systems. And now it appears that the systems of private companies and companies and governments around the world also – very significant effort, and I think it’s true that we can now say quite clearly that it was the Russians who participated in this activity.”
Russia has said it “has nothing to do” with the hacking.
White House deputy press secretary Brian Morgenstern told reporters Friday that national security adviser Robert O’Brien has at times been conducting multiple daily meetings with the FBI, the Department of Homeland Security, and intelligence agencies, looking for ways to mitigate the attack.
He did not provide details but said, “rest assured that we have the best and the brightest working hard at it every day.”
Democratic leaders of four House committees that received classified reports from the administration on the attack issued a statement complaining that they “were left with more questions than answers.”
“Administration officials were unwilling to share the full scope of the violation and the identities of the victims,” they said.
Pompeo, in the interview with Levin, said that Russia was on the list of “people who want to undermine our way of life, our republic, our basic democratic principles … You watch the news of the day regarding their efforts in cyberspace. We’ve seen this for a long time, using asymmetric capabilities to try to put ourselves in a place where they can impose costs on the United States.”
What makes this hacking campaign so extraordinary is its scale: 18,000 organizations were infected from March to June by malicious code that was coupled to popular network management software from an Austin, Texas company called SolarWinds.
It will take months to kick elite hackers off of US government networks that they have been quietly reviewing since March.
Experts say there are simply not enough trained threat hunting teams to properly identify all government and private sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion in US agencies and was among the victims, has already counted dozens of victims. It is a race to identify more.
Many federal workers, and others in the private sector, must assume that unclassified networks are crawling with spies. Agencies will be more inclined to conduct sensitive government business on Signal, WhatsApp, and other encrypted smartphone apps.
“We should buckle up. It will be a long road,” said Dmitri Alperovitch, co-founder and former chief technical officer of leading cybersecurity firm CrowdStrike. “Cleaning is only phase one.”
The only way to make sure a network is clean is to “burn it to the ground and rebuild it,” Schneier said.
Florida became the first state to acknowledge being the victim of an attack on SolarWinds. Officials told The Associated Press that the hackers apparently infiltrated the state’s health care management agency and others.
SolarWinds customers include most of the Fortune 500 companies, and its US government customers are rich in generals and spies.
If the hackers are indeed from Russia’s SVR foreign intelligence agency, as experts believe, their resistance may be stubborn. When the White House, the Joint Chiefs of Staff and the State Department were hacked in 2014 and 2015 “it was a nightmare to get them out,” Alperovitch said.
The Pentagon has said that so far it has not detected any intrusions from the SolarWinds campaign on any of its networks, classified or unclassified.
– Reported with Associated Press