Experts: US govt. caught blindsided in sophisticated cyber hack, 200 agencies hit

After one of the most successful cyber intrusion operations in US history, questions remain abound over how the federal government have been so utterly blindsided by an attack many experts describe as a grave threat that should have been anticipated.

The effective and still ongoing hacking spree targeting numerous federal institutions and tens of thousands of individual federal and private entities — widely assumed to be initiated from a Russian source, without any evidence -- managed to disrupt sophisticated protections by targeting third-party software contractor SolarWinds, according to US-based press reports.

“We shouldn’t have been surprised, the Russians are very sophisticated, they are very dedicated and relentless, and this appeared to be a soft target they were able to exploit,” said former State Department cyber security coordinator under both the Trump and Obama administrations, Christopher Painter, as quoted in a Friday report by The Hill. 

“This is the most significant cyber attack in the history of the United States,” it further emphasized, quoting Tom Kellermann, a former member of an Obama administration cyber security commission and current head of cyber security at VMWare CarbonBlack. “It’s unprecedented in the 22 years I’ve been in the business.”

Kellermann also claimed that Moscow had escalated its cyber attacks against the US in retaliation for American “success of securing the 2020 elections and following the disruption of international botnet group ‘TrickBot’ that targeted US critical infrastructure with ransomware viruses.” 

He did not, however, point to any proofs for making such allegations as significant details are reportedly emerging about overlooked vulnerabilities.

Citing several former and current American authorities and experts, the report further alleged that Russia -- alongside China, North Korea and Iran – “is considered one of the pressing threats to the US in multiple fields.

As of Friday, the news outlet added, agencies including the Department of Energy and its National Nuclear Security Administration, the Department of Homeland Security, the State Department, and the Treasury Department had been breached as part of the alleged espionage operation.

It further cited SolarWinds as estimating that at least 18,000 of its customers were compromised by the cyber attack, in which the hackers accessed systems as early as March amid growing fears over how much data they took or were able to access.

 Numerous US lawmakers have also accused Russia of involvement in the latest cyber attack and called for strong measures to prevent future hacking efforts as well as reprisal actions to deter such intrusions.

Trump discounts impact of huge hack, alleged Russia role, blames China

Lame-duck US President Donald Trump downplays seriousness and impact of a massive cyber attack on key federal agencies and the alleged Russian role.

“This cyber attack likely perpetrated by the Russians spotlights the glaring vulnerabilities of our federal cyber security system,” tweeted Republican Senator Susan Collins from Maine who sits on the Senate Select Committee on Intelligence. 

“The President should immediately sign the NDAA not only to keep our military strong but also because it contains significant cyber security provisions that would help thwart future attacks,” she added. 

According to the report, US national security officials also feel challenged by how to respond to foreign cyber espionage, resistant to imposing high costs that could be inflicted on the US over its own intelligence gathering.

It cited President Donald Trump’s former national security advisor John Bolton as saying in an interview with MSNBC televised news network that US response to cyber attacks “needs to be at least three times more than the cost of the attack that was incurred.”

“The top priority has got to be, if we determine it’s the Russians, that’s where the information tends to point, what the retaliation is going to be," he said. "And I think it ought to be, whatever we assess what the cost we incur to be — plus, plus, plus. That’s how you reestablish deterrence.” 

Nearly 200 agencies allegedly hacked

This is while some 200 government institution have reportedly been hacked as part of the latest cyber security attack on SolarWinds, Bloomberg News reported.

It cited the Massachusetts-based cyber security firm Recorded Future as identifying 198 people that were hacked by a malicious update.

Nearly 18,000 SolarWinds customers received the malicious update, according to the news outlet, which did not identify the victims but underlined that the number is expected to grow as the investigation into the hack continues. Of that number, more than 1,000 experienced a malicious code ping that gave hackers further access to sensitive networks. 

Meanwhile, a SolarWinds spokesperson said it "continues collaborating closely with our customers, security professionals, law enforcement and intelligence communities across the globe to determine the responsible parties for this attack and whether the attack against us and our customers was directed by a foreign government, and to gather all relevant and accurate information to assist the community." 

The firm further declared in a statement that it used open source datasets and information provided by the security researcher community to "identify a likely partial list of organizations affected by the SolarWinds backdoor."
The development comes as the US government grapples with the fallout of the cyber attack, which some have described as “an act of war.”

The Cybersecurity and Infrastructure Protection Agency said this week that the attack posed a “grave risk” to government and private sector organizations.

This is while Trump discounted the hack on Saturday and questioning whether the Russia was really behind it even though his Secretary of State Mike Pompeo said earlier “we can say pretty clearly that it was the Russians that engaged in the activity.”

Multiple government agencies were reported to have been compromised over the past week, including the State Department, Department of Defense and agencies within the Department of Energy.

Hack against US is 'grave' threat

Meanwhile, US Cybersecurity and Infrastructure Security Agency (CISA) warned of “grave” risk to government and private networks, insisting that the hack compromised federal agencies and “critical infrastructure” in a sophisticated intrusion that was hard to detect and will be difficult to undo.

The attack, if authorities can prove it was carried out by Russia as experts believe, creates a fresh foreign policy problem for Trump in his final days in office.

President-elect Joe Biden, however, spoke forcefully about the hack, declaring that he and Vice-President-elect Kamala Harris “will make dealing with this breach a top priority from the moment we take office.”

“We need to disrupt and deter our adversaries from undertaking significant cyber attacks in the first place,” he said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in co-ordination with our allies and partners.”

“There’s a lot we don’t yet know, but what we do know is a matter of great concern,” Biden further asserted.

GOP Senator calls for ‘strong response’ against Russia, after cyberattack

Mitt Romney has called for “a strong response” against Russia to an alleged cyberattack on US Treasury and Commerce departments.

Tech giant Microsoft, which has helped respond to the breach, revealed late Thursday that it had identified more than 40 government agencies, think tanks, non-governmental organizations and IT companies infiltrated by the hackers. It said four in five were in the United States — nearly half of them tech companies — with victims also in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.

A US official previously told The Associated Press that Russia-based hackers were suspected, but neither CISA nor the FBI has publicly said who is believed to be responsible. Asked whether Russia was behind the attack, the official said: “We believe so. We haven’t said that publicly yet because it isn’t 100 percent confirmed.”

Another US official, speaking Thursday on condition of anonymity, was quoted in the report as saying the hack was severe and extremely damaging although the administration was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

Press TV’s website can also be accessed at the following alternate addresses:

www.presstv.ir