ZCZC
BFF-10
US-COMPUTERS-HACK-RUSSIA-POLITICS
Cyberattack on US government poses ‘grave risk’: security agency
WASHINGTON, Dec 18, 2020 (BSS/AFP) – A sophisticated cyberattack on US
government agencies and private companies that was revealed this week poses a
“grave risk” and thwarting it will be “highly complex,” the US computer
security agency said Thursday.
President-elect Joe Biden expressed “great concern” over the computer
breach while Utah Senator Mitt Romney blamed Russia and slammed what he
called “inexcusable silence” from the White House.
The US Cybersecurity and Infrastructure Security Agency (CISA) said US
government agencies, critical infrastructure entities, and private sector
organizations had been targeted by what it called an “advanced persistent
threat actor.”
CISA did not identify who was behind the malware attack but private
security companies pointed a finger at hackers linked to the Russian
government.
US Secretary of State Mike Pompeo also suggested involvement by Moscow on
Monday, saying the Russian government had made repeated attempts to breach US
government networks.
Romney likened the cyberattack to as if “Russian bombers have been
repeatedly flying undetected over our entire country.”
He said it highlighted “alarming US vulnerability” plus “cyber warfare
weakness” and “glaringly inadequate cyber defenses.”
The 2012 Republican presidential candidate condemned what he called
“inexcusable silence and inaction from the White House” of President Donald
Trump.
CISA said the computer intrusions began in at least March 2020 and the
actor behind them had “demonstrated patience, operational security and
complex tradecraft.”
“This threat poses a grave risk,” CISA said in a statement, adding that it
“expects that removing this threat actor from compromised environments will
be highly complex and challenging for organizations.”
Biden, who is to be sworn in as president on January 20, said the breach
affected “potentially thousands of victims, including US companies and
federal government entities.”
“My administration will make cybersecurity a top priority at every level of
government — and we will make dealing with this breach a top priority,” he
said in a statement.
“We need to disrupt and deter our adversaries from undertaking significant
cyberattacks in the first place,” Biden said. “We will do that by, among
other things, imposing substantial costs on those responsible for such
malicious attacks.
“Our adversaries should know that, as president, I will not stand idly by
in the face of cyber assaults on our nation.”
– FBI investigating –
According to CISA, the attackers managed to breach computer networks using
enterprise management network software made by the Texas-based IT company
SolarWinds.
“CISA has evidence of additional initial access vectors, other than the
SolarWinds Orion platform; however, these are still being investigated,” CISA
said.
Hackers reportedly installed malware on software used by the US Treasury
Department and the Commerce Department, allowing them to view internal email
traffic.
SolarWinds said up to 18,000 customers, including government agencies and
Fortune 500 companies, had downloaded compromised software updates, allowing
hackers to spy on email exchanges.
After the attack was detected, CISA ordered federal agencies to power down
the breached software.
The content the hackers sought to steal — and how successful they were —
remains unknown.
The FBI has opened an investigation to identify those responsible for the
hack and emergency discussions have been held at the White House to discuss
the government’s response.
US National Security Advisor Robert O’Brien cut short a trip to the Middle
East and Europe this week to deal with the fallout from the breach.
BSS/AFP/GMR/0925 hrs