US National Security Officials Investigating Hacker Intrusions
December 14, 2020
The Trump administration acknowledged Sunday that several U.S. institutions were
hacked on behalf of a foreign government.
Cybersecurity experts believe Russia is likely behind the attack on the U.S.
Treasury and Commerce departments in what U.S. media is calling one of the most
sophisticated attacks on U.S. government systems in years.
"We have asked the Cybersecurity and Infrastructure Security Agency and the FBI
to investigate, and we cannot comment further at this time," the Commerce
Department said in a statement confirming one of its agencies was breached.
Both the FBI and the cybersecurity arm of the Department of Homeland Security
were investigating the hacks. The extent of the intrusion, a motive, or whether
other agencies were affected is not clear.
"The United States government is aware of these reports, and we are taking all
necessary steps to identify and remedy any possible issues related to this
situation," National Security Council spokesman John Ullyot said.
A Kremlin spokesman said Monday that Russia was not involved.
"If there have been attacks for many months, and the Americans could not do
anything about it, it is probably not worth immediately groundlessly blaming the
Russians," spokesman Dmitry Peskov told reporters. "We didn't have anything to
do with it."
According to Reuters, which first reported the breach, U.S. National Security
Council officials met Saturday at the White House to discuss the attack, which
involved stealing information related to internet and telecommunications
The breaches come a week after FireEye, a U.S. cybersecurity company with
government and corporate contracts, said it was targeted in an attack in which
foreign government hackers stole some of its hacking tools.
In a blog post Sunday, FireEye said it uncovered a “widespread campaign” in
which hackers were able to use software updates from information technology firm
SolarWinds to access computer systems of “numerous public and private
organizations around the world.”
“This campaign may have begun as early as Spring 2020 and is currently ongoing,”
FireEye said. “The campaign is the work of a highly skilled actor and the
operation was conducted with significant operational security.”
SolarWinds issued its own statement Sunday citing potential vulnerabilities in
updates it released between March and June for software that organizations use
to monitor their networks for problems.
“We believe that this vulnerability is the result of a highly-sophisticated,
targeted and manual supply chain attack by a nation state,” SolarWinds CEO Kevin
SolarWinds says its customers include hundreds of major U.S. corporations,
including the top telecommunications and accounting firms, as well as a number
of government agencies such as the Defense Department, State Department,
National Security Agency and the Justice Department.
The Cybersecurity and Infrastructure Security Agency, part of the Homeland
Security Department, issued an emergency directive late Sunday telling U.S.
federal agencies to examine their networks for signs they may be compromised and
to immediately disconnect the affected SolarWinds products.
“The compromise of SolarWinds’ Orion Network Management Products poses
unacceptable risks to the security of federal networks,” CISA Acting Director
Brandon Wales said in a statement. “Tonight’s directive is intended to mitigate
potential compromises within federal civilian networks, and we urge all our
partners—in the public and private sectors—to assess their exposure to this
compromise and to secure their networks against any exploitation.”
was led until recently by Christopher Krebs, who was fired by President Donald
In a tweet Sunday, Krebs said, “hacks of this type take exceptional tradecraft
and time" and raised the possibility that it had been underway for months.
“This thing is still early, I suspect,” Krebs wrote.
He was dismissed by Trump after he said the November national election was “the
most secure in American history,” angering Trump who has claimed, without
evidence, that voting and vote-count irregularities led to President-elect
Joe Biden’s victory over him.