Yesterday, George W. Bush/CNN expert Richard Clarke said the spies who hacked into our government agencies didn’t get anything more than we could get in a Google search. That was a misportrayal.
THE RUSSIANS DID IT
Unfortunately, that doesn’t appear to be the case. The hack is described as “grave” by CISA. On Friday, US Secretary of State Mike Pompeo said this week’s cyberattack — dubbed by one U.S. official as “the worst hacking case in the history of America” — was “pretty clearly” the work of Russians.
“[T]here was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. Government systems, and now it appears systems of private companies and companies and governments across the world as well,” Pompeo said. “This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”
Russian presidential spokesman Dmitry Peskov rejected the accusations, according to the Tass news agency.
THE GRAVE THREAT
The U.S. Cybersecurity and Infrastructure Security Agency said the threat “poses a grave risk to the federal government.” CISA has not said who it thinks is the “advanced persistent threat actor” behind the “significant and ongoing” campaign.
It’s not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data, CNBC reported.
In a summary Thursday, the Cybersecurity and Infrastructure Security Agency said the threat “poses a grave risk to the federal government.”
They Got Into Everything
CISA added that “state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations” are also at risk.
The department believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.
“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” CISA said. “Removing the threat actor from compromised environments will be highly complex and challenging.”
As many as 18,000 SolarWinds Orion customers downloaded a software update that contained a backdoor, which hackers used to gain access to the networks.
Americans now know it wasn’t SolarWinds Orion software alone that gave hackers the backdoor. We also know that SolarWinds was warned in 2019 that their password, SolarWinds123, wasn’t going to cut it. We wonder if John Podesta picked out their password – his was ‘passwØrd.’
In this clip from Dobbs’ show last night, Lou summarizes the situation and has General Flynn and cyber expert Morgan Wright comment. General Flynn said that other countries are involved and will share the intel with the President.
OTHER COUNTRIES WERE HACKED
Microsoft said that more than 40 client organizations were compromised in the attack.
“While roughly 80% of these customers are located in the United States, this work so far has also identified victims in seven additional countries,” Microsoft President Brad Smith said in a blog post.
“This includes Canada and Mexico in North America; Belgium, Spain, the United Kingdom in Europe; and Israel and the UAE in the Middle East. The number and location of victims will certainly keep growing.”
Smith added that “this is not espionage as usual” and “while governments have spied on each other for centuries, the recent attackers used a technique that has put at risk the technology supply chain for the broader economy.”