TLTP
WASHINGTON
US National Security Advisor Robert O’Brien cut his trip to Europe short this week and returned to Washington on Tuesday to hold meetings on the alleged Russian hack of multiple government agencies. O’Brien was due to visit the UK, Italy and Germany this week but has returned to Washington four days early, a spokesman for the US National Security Council (NSC) confirmed. “Ambassador O’Brien is returning to address the hacking incident,” John Ullyot, the deputy assistant to the president, said.
The council already held two high-level meetings on the cyber breach on Saturday and Monday, and Mr O’Brien will be convening another meeting tonight and tomorrow. Bloomberg was first to report on Mr O’Brien’s return. The return of the US senior official was another indication of the seriousness of the hack that hit at least six US agencies. The attack is suspected to have been carried out by the Russian government.
The departments of State, Defence, Homeland Security, Justice, Treasury and Commerce are investigating the degree of the breach that may have happened over several months. Nearly 18,000 private and government users downloaded the tainted software update, according to The New York Times.
The massive operation was carried out after the hackers infiltrated and installed malware in a software product from SolarWinds, which supplies hundreds of government agencies and top companies.
By compromising its platform, the hackers were able to gain access to government agencies and possibly secret material that SolarWinds was supposed to protect, Reuters reported on Sunday.
The company sent an advisory to its clients informing them of an attack. “We have been advised that this incident was likely the result of a highly sophisticated, targeted and manual supply chain attack by an outside nation-state,” the Texas-based company said. It then launched an upgrade to the software containing the malicious code.
Russia has denied responsibility for the attack but US officials and cyber experts say the high level of sophistication of the operation and the agencies affected point to Russian intelligence. US officials have said the Russian hacking group Cozy Bear, associated with the Russian foreign intelligence service, was behind the attack. Government agencies are still investigating the degree of the damage to determine a response.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) was also attacked. It issued a rare directive on Sunday instructing all federal agencies to disconnect affected devices.
The US government was only made aware of the attack after the private cybersecurity firm FireEye detected the infiltration. On Tuesday, Microsoft announced it would quarantine and isolate versions of the SolarWinds Orion app that contain the malware. It also recommended that companies with Orion apps do the same.






