US cyberattack: Russia 'clearly' behind SolarWinds hack, says Pompeo but Trump points to China
US Secretary of State Mike Pompeo blamed Russia as the mastermind behind what is considered the worst cyber attack on the United States government.
On December 13, 2020, The Washington Post reported that multiple government agencies were breached through SolarWinds's Orion software.
Pompeo is the first official to publicly link Russia to the attack, and he has described what happened as a massive campaign of "serious and continuous" cyber espionage against the US government.
According to Pompeo, within a few months, Russia allegedly entered several US government agencies and private firms, in addition to companies and governments around the world.
"There was a significant effort to use a piece of third-party software to essentially embed code inside US government systems," Pompeo said.
"We can say pretty clearly that it was the Russians that engaged in this activity," he added.
Asked about the criticism, Pompeo suggested that Trump had maintained his silence so as not to interfere with investigations into the incident.
The cyberattack operated undetected for months and reportedly hit multiple government agencies. APT29, also known as Cozy Bear (a Russian hacker group believed to be associated with one or more intelligence agencies of Russia), was reported to be behind the attack.
Victims of this attack include the cybersecurity firm FireEye, the US Treasury Department, the US Department of Commerce's National Telecommunications and Information Administration, as well as the US Department of Homeland Security.
Prominent international SolarWinds customers investigating whether they were impacted include the North Atlantic Treaty Organization (NATO), the European Parliament, UK Government Communications Headquarters, the UK Ministry of Defence, the UK National Health Service (NHS), the UK Home Office, and AstraZeneca.
US President Donald Trump on Saturday broke his silence about the cyber attack and insisted it was "under control."
Trump also contradicted Secretary of State Mike Pompeo's comments: he does not believe that Russia is behind the attack and instead blames China.
On December 19, he stated that the media had overblown the severity of the incident and that "everything is well under control", and proposed that China, rather than Russia, might be responsible; Trump then pivoted to insisting that he had won the 2020 presidential election.
"Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of...discussing the possibility that it may be China (it may!)," Trump wrote.
Trump suggested that the attacks could have affected the "ridiculous" voting machines during the vote and insisted again that he won "clearly by hand."
Pompeo added that American investigators are still investigating the attack.
The attacker apparently exploited software from at least three U.S. firms: Microsoft, SolarWinds, and VMware. A supply chain attack on SolarWinds's Orion software, widely used in government and industry, gave the attackers a foothold in victims' networks. Flaws in Microsoft and VMware products allowed the attackers to access emails and other documents, and to perform federated authentication across victim resources.
SolarWinds said that nearly 18,000 of its customers received a software update tainted with malware, beginning in March. The malicious code operated as a kind of Trojan horse, enabling hackers to stealthily access the systems of the affected agencies and companies.
Although it is not yet completely clear what the hackers were looking for, Pompeo pointed out that the attacks were aimed at implanting computer code within the systems of the US executive branch, using a piece of third-party software. The code has also been detected in security systems of companies in the country, as well as in companies and governments around the world.
According to experts, the cyber espionage could be aimed at nuclear secrets, advanced weaponry design, research related to the Covid-19 vaccine, as well as key confidential information on government and industry leaders.
Russia, for its part, has denied any involvement in the attacks.