TLTP
WASHINGTON
Russia was “pretty clearly” behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said.
Microsoft said that it had notified more than 40 customers hit by the malware, which security experts say could allow attackers unfettered network access to key government systems and electric power grids and other utilities.
“There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems,” Pompeo told The Mark Levin Show on Friday.
“This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”
Pompeo is the highest-ranking official in President Donald Trump’s administration to suggest Russian involvement in the attack, with the president himself remaining silent on the issue so far.
Microsoft president Brad Smith said roughly 80 percent of the affected customers were located in the United States.
The US Cybersecurity and Infrastructure Security Agency said government agencies, critical infrastructure entities, and private sector organisations had been targeted by what it called an “advanced persistent threat actor”.
CISA did not identify who was behind the malware attack, but private security companies pointed a finger at hackers linked to the Russian government.
Pompeo had also suggested Moscow’s involvement on Monday, saying the Russian government had made repeated attempts to breach US government networks.
President-elect Joe Biden expressed “great concern” over the computer breach while Republican Senator Mitt Romney blamed Russia and slammed what he called “inexcusable silence” from the White House.
Romney likened the cyberattack to a situation in which “Russian bombers have been repeatedly flying undetected over our entire country”.
CISA said the computer intrusions began at least as early as March this year, and the actor behind them had “demonstrated patience, operational security and complex tradecraft”.
“This threat poses a grave risk,” CISA said on Thursday, adding that it “expects that removing this threat actor from compromised environments will be highly complex and challenging for organisations”.
Hackers reportedly installed malware on software used by the US Treasury Department and the Commerce Department, allowing them to view internal email traffic.
The Department of Energy, which manages the country’s nuclear arsenal, confirmed it had also been hit by the malware but had disconnected affected systems from its network.
“At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration,” agency spokeswoman Shaylyn Hynes said.
Russia has denied involvement.






