Federal authorities are sounding the alarm over a long-undetected intrusion in the United States and other computer systems around the world, which officials suspect was carried out by Russian hackers. The nation’s cybersecurity agency has warned of a “serious” risk to government and private networks.
The hack compromised federal agencies and “critical infrastructure” in a sophisticated attack that was difficult to detect and will be difficult to undo, the Cybersecurity and Infrastructure Agency said on Thursday. The Department of Energy has acknowledged that it is among those who have been hacked.
The attack, if the authorities can prove that it was carried out by Russia, as experts believe, creates a new foreign policy problem for President Donald Trump in his last days in office.
Trump, whose administration has been criticized for removing a White House cybersecurity adviser and minimizing Russian interference in the 2016 presidential election, has not made any public statements about the violation.
President-elect Joe Biden, who inherits a thorny US-Russia relationship, spoke loudly about the hack, saying he and Vice President-elect Kamala Harris “will make dealing with this violation a priority from the moment we take office.”
WHITE HOUSE CONFIRMS CYBERATTACK REPORT ON US TREASURY BY FOREIGN GOVERNMENT
“We need to stop and discourage our opponents from carrying out significant cyber attacks in the first place,” he said. “We will do this, among other things, by imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”
“There are many that we don’t know yet, but what we do know is a matter of great concern,” Biden said.
CISA officials did not respond to questions, so it was unclear what the agency meant by a “serious threat” or “critical infrastructure” possibly targeted in the attack, which the agency says appears to have begun in March. last. Homeland Security, the agency’s parent department, defines such infrastructure as any “vital” asset to the United States or its economy, a broad category that could include power plants and financial institutions.
The agency previously said the perpetrators used network management software from SolarWinds in Texas to infiltrate computer networks. His new alert said the attackers could have used other methods.
Technical giant Microsoft, which helped respond to the breach, revealed late Thursday that it had identified more than 40 government agencies, think tanks, non-governmental organizations and IT companies infiltrated by hackers. According to him, four out of five were in the United States – almost half of them technology companies – with victims and in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.
ENVIRONMENTAL GROUP CZAR RAN, ACCUSED OF CONFERENCE WITH CHINA
This is not “espionage as usual”, not even in the digital age. Instead, it is an act of recklessness that has created a serious technological vulnerability for the United States and the world, “Microsoft said in a blog post.
Over the weekend, amid reports that Treasury and Commerce departments had been breached, CISA instructed all federal government civilian agencies to remove SolarWinds from their servers. Cyber security agencies in the UK and Ireland have issued similar alerts.
An American official previously told the Associated Press that hackers in Russia are suspected, but neither the CISA nor the FBI have publicly said who is considered responsible. Asked if Russia is behind the attack, the official said: “We think so. I have not said this publicly yet, because it is not 100% confirmed “.
Another US official, who spoke on condition of anonymity on Thursday to discuss an issue that is being investigated, said the hack was severe and extremely harmful, although the administration was not yet ready to blame anyone for it.
“It appears to be the worst case of hacking in American history,” the official said. “They got into everything.”
MASSACHUSETTS REGULATORS ACCUSE ROBINARIA TO ENDURE INEXPERIENCED INVESTORS, PUTTING “ASSETS AT RISK”
At the Department of Energy, the initial investigation showed that malware injected into its networks through a SolarWinds update was found only in its business networks and did not affect national security operations, including the agency that manages the nation’s nuclear weapons stockpile. according to the statement. The vulnerable program has been disconnected from the DOE network to reduce any risk.
The authors’ intentions appear to be espionage and intelligence gathering rather than destruction, according to security experts and former government officials. If so, they are now remarkably well located.
Thomas Bossert, a former adviser to Trump Homeland Security, said in an opinion piece in The New York Times that the United States should now act as if the Russian government has gained control of the networks it has penetrated. “The real and perceived control of so many important networks could easily be used to undermine public and consumer confidence in data, written communications and services,” he wrote.
Members of Congress feared that taxpayers’ personal information could be exposed because the IRS is part of the Treasury, which used SolarWinds software. Experts involved in responding to hacks say intruders are probably not interested in such data because they are intelligence agents who focus strictly on sensitive national security data – and attempting to steal taxpayers’ information would likely trigger alarms.
Tom Kellermann, head of cybersecurity at VMware, said hackers are now “omniscient about the operations” of the federal agencies they infiltrated “and there is a viable concern that they could influence the attacks.” destructive within these agencies ”I have now been discovered.
AZAR CELEBRATES THE HEALTH WORKER’S VACCINE: “IT’S THE VACCINE OF THE AMERICAN PEOPLE”
Business sectors struggling to protect their systems and assess potential information theft include defense contractors, technology companies and telecommunications and electricity network providers.
A group led by executives in the electricity industry said they had launched a “situational awareness call” earlier this week to help electricity companies and public energy utilities identify whether the compromise posed a threat to their networks.
And dozens of smaller institutions that seemed to have little data of interest to foreign spies were still forced to respond to the hack.
Helix Water District, which supplies drinking water to suburbs in San Diego, California, said it provided a patch for its SolarWinds software after receiving advice the IT company sent about 33,000 customers on Sunday.
Click here to get the FOX NEWS app
“While using SolarWinds, we are unaware of the district’s impact of security breaches,” said Michelle Curtis, a water district spokeswoman.