Pompeo blames Russia for massive US cyberattack

Published December 20, 2020
Russia was “pretty clearly” behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said. — Reuters/File
Russia was “pretty clearly” behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said. — Reuters/File

WASHINGTON: Russia was “pretty clearly” behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said.

Microsoft said late on Thursday that it had notified more than 40 customers hit by the malware, which security experts say could allow attackers unfettered network access to key government systems and electric power grids and other utilities.

“There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems,” Pompeo told The Mark Levin Show on Friday.

“This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”

Roughly 80 per cent of the affected customers are located in the United States, Microsoft president Brad Smith said in a blog post, with victims also found in Belgium, Britain, Canada, Israel, Mexico, Spain and the United Arab Emirates.

“It’s certain that the number and location of victims will keep growing,” Smith said, echoing concerns voiced this week by US officials on the serious threat from the attack.

“This is not ‘espionage as usual’, even in the digital age,” Smith said. “Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world.”

John Dickson of the security firm Denim Group said many private sector companies which could be vulnerable were scrambling to shore up security, even to the point of considering rebuilding servers and other equipment.

“Everyone is in damage assessment now because it’s so big,” Dickson said.

“It’s a severe body blow to confidence both in government and critical infrastructure.”

The threat comes from a long-running attack which is believed to have injected malware into computer networks using enterprise management network software made by the Texas-based IT company SolarWinds, with the hallmarks of a nation-state attack.

James Lewis, vice president at the Centre for Strategic and International Studies, said the attack may end up being the worst to hit the United States, eclipsing the 2014 hack of US government personnel records in a suspected Chinese infiltration.

“The scale is daunting. We don’t know what has been taken so that is one of the tasks for forensics,” Lewis said.

“We also don’t know what’s been left behind. The normal practice is to leave something behind so they can get back in, in the future.”

The National Security Agency called for increased vigilance to prevent unauthorised access to key military and civilian systems.

Analysts have said the attacks pose threats to national security by infiltrating key government systems, while also creating risks for controls of key infrastructure systems such as electric power grids and other utilities.

The US Cybersecurity and Infrastructure Security Agency (CISA) said government agencies, critical infrastructure entities, and private sector organisations had been targeted by what it called an “advanced persistent threat actor”. CISA did not identify who was behind the malware attack, but private security companies pointed a finger at hackers linked to the Russian government.

Pompeo had also suggested Moscow’s involvement on Monday, saying the Russian government had made repeated attempts to breach US government networks.

President-elect Joe Biden expressed “great concern” over the computer breach while Republican Senator Mitt Romney blamed Russia and slammed what he called “inexcusable silence” from the White House.

Published in Dawn, December 20th, 2020

Opinion

Editorial

Kurram atrocity
Updated 22 Nov, 2024

Kurram atrocity

It would be a monumental mistake for the state to continue ignoring the violence in Kurram.
Persistent grip
22 Nov, 2024

Persistent grip

PAKISTAN has now registered 50 polio cases this year. We all saw it coming and yet there was nothing we could do to...
Green transport
22 Nov, 2024

Green transport

THE government has taken a commendable step by announcing a New Energy Vehicle policy aiming to ensure that by 2030,...
Military option
Updated 21 Nov, 2024

Military option

While restoring peace is essential, addressing Balochistan’s socioeconomic deprivation is equally important.
HIV/AIDS disaster
21 Nov, 2024

HIV/AIDS disaster

A TORTUROUS sense of déjà vu is attached to the latest health fiasco at Multan’s Nishtar Hospital. The largest...
Dubious pardon
21 Nov, 2024

Dubious pardon

IT is disturbing how a crime as grave as custodial death has culminated in an out-of-court ‘settlement’. The...