U.S. cybersecurity agency warns of ‘grave’ threat from hack
Hackers got into computers at the U.S. Treasury Department and possibly other federal agencies, touching off a government response involving the National Security Council. Image via AP.

U.S. Treasury Department building
The Cybersecurity and Infrastructure Agency gave its most detailed comments yet since the suspected Russian attack that emerged this weekend.

Federal authorities expressed increased alarm Thursday about an intrusion into U.S. and other computer systems around the globe that officials suspect was carried out by Russian hackers. The nation’s cybersecurity agency warned of a “grave” risk to government and private networks.

The Cybersecurity and Infrastructure Security Agency said in its most detailed comments yet that the intrusion had compromised federal agencies as well as “critical infrastructure” in a sophisticated attack that was hard to detect and will be difficult to undo.

CISA did not say which agencies or infrastructure had been breached or what information taken in an attack that it previously said appeared to have begun in March.

“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” the agency said in its unusual alert. “CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”

President Donald Trump, whose administration has been criticized for eliminating a White House cybersecurity adviser and downplaying Russian interference in the 2016 presidential election, has made no public statements about the breach.

President-elect Joe Biden said he would make cybersecurity a top priority of his administration, but that stronger defenses are not enough.

“We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” he said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”

The cybersecurity agency previously said the perpetrators had used network management software from Texas-based SolarWinds to infiltrate computer networks. Its new alert said the attackers may have used other methods, as well.

Over the weekend, amid reports that the Treasury and Commerce departments were breached, CISA directed all civilian agencies of the federal government to remove SolarWinds from their servers. The cybersecurity agencies of Britain and Ireland issued similar alerts.

A U.S. official previously told The Associated Press that Russia-based hackers were suspected, but neither CISA nor the FBI has publicly said who is believed be responsible. Asked whether Russia was behind the attack, the official said: “We believe so. We haven’t said that publicly yet because it isn’t 100% confirmed.”

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said the hack was severe and extremely damaging although the administration was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

The official said the administration is working on the assumption that most, if not all, government agencies were compromised but the extent of the damage was not yet known.

___

Republished with permission of The Associated Press.

Associated Press



#FlaPol

Florida Politics is a statewide, new media platform covering campaigns, elections, government, policy, and lobbying in Florida. This platform and all of its content are owned by Extensive Enterprises Media.

Publisher: Peter Schorsch @PeterSchorschFL

Contributors & reporters: Phil Ammann, Drew Dixon, Roseanne Dunkelberger, A.G. Gancarski, Ryan Nicol, Jacob Ogles, Cole Pepper, Jesse Scheckner, Drew Wilson, and Mike Wright.

Email: [email protected]
Twitter: @PeterSchorschFL
Phone: (727) 642-3162
Address: 204 37th Avenue North #182
St. Petersburg, Florida 33704