https://www.bbc.

com/news/world-us-canada-55374945

US cyber-attack: Russia 'clearly' behind

SolarWinds operation, says Pompeo
Published
1 day ago

US Secretary of State Mike Pompeo has blamed Russia for what is being described
as the worst-ever cyber espionage attack on the US government.
"We can say pretty clearly that it was the Russians that engaged in this activity,"
Mr Pompeo said on Friday.
President Trump downplayed the attack's severity - saying it was "under control" -
and cast doubt on Russia's role, hinting at Chinese involvement.
The hack, targeting software made by US firm SolarWinds, was found last week.
However, it had been going on for months. Russia has denied any involvement in
the attack.
Among the US agencies targeted was the office that manages nuclear weapons.
That government organisation, the US energy department, said however that the
arsenal's security had not been compromised.
Several other organisations around the world, including in the UK, are understood
to have been targeted by hackers using the same network management
software.
Researchers, who have named the hack Sunburst, say it could take years to fully
comprehend what is one of the biggest ever cyber-attacks.

What did Pompeo say about the cyber-attack?

In a radio interview with US talk show host Mark Levin on Friday, Mr Pompeo
said he believed that Russia had, over a period of months, penetrated several US
government agencies and private companies, along with other companies and
governments around the world.
He said there was "a significant effort to use a piece of third-party software to
essentially embed code inside US government systems".
Along with the US energy department, federal agencies targeted by what has
been described as a sophisticated cyber espionage operation include the
Treasury and departments of homeland security, state, defence and commerce.
Mr Pompeo said that US investigators looking into the attack were still "unpacking
precisely what it is", and that much of the information would likely remain
classified.
He said that Russia was trying to "undermine our way of life", adding that
Russian President "Vladimir Putin remains a real risk".

What has been the president's reaction?

In two tweets on Saturday, Mr Trump again turned on what he labels the "fake
news media" for exaggerating the matter.
He wrote: "The Cyber Hack is far greater in the Fake News Media than in
actuality.
"I have been fully briefed and everything is well under control. Russia, Russia,
Russia is the priority chant when anything happens because Lamestream is, for
mostly financial reasons, petrified of discussing the possibility that it may be
China (it may!)."
He did not mention his own secretary of state's comments and supplied no
evidence on any Chinese involvement.
Mr Pompeo has taken a strong line against Russia before. In his time as
secretary of state, the US has pulled out of a key nuclear treaty and the Open Skies
Treaty on aerial surveillance flights.
But the president has been far more ambivalent towards Moscow, downplaying
such incidents as allegations that Russia offered the Taliban bounties to kill US
troops - something Mr Pompeo had issued Moscow a stern warning about.
President-elect Joe Biden, who is due to be sworn in on 20 January, has vowed
to make cyber-security a "top priority" of his administration.
"We need to disrupt and deter our adversaries from undertaking significant cyber-
attacks in the first place," he said on Thursday.
"We will do that by, among other things, imposing substantial costs on those
responsible for such malicious attacks, including in co-ordination with our allies
and partners."

What do we know about the hacking campaign?

 Hackers managed to gain access to major organisations by compromising
network management software developed by Texas-based IT company
SolarWinds.
The access could have allowed the hackers to take a high degree of control over
the networks of organisations using that software, but appears to have been used
to steal data rather than for any disruptive or destructive impact.
 The US government agencies hacked
It is thought that those behind the operation targeted a narrow set of
organisations in an attempt to steal national-security, defence and other related
information.
However, while software may have been downloaded, that does not necessarily
mean data was taken.
SolarWinds Orion, the computer network tool at the source of the breach, earlier
said that 18,000 of its 300,000 customers might have been affected, but there is
no indication that significant theft of customer or citizen data was an aim of the
cyber-attack.
Investigators have said the months-long operation through SolarWinds could
have been launched before March this year.