WASHINGTON – US Secretary of State Mike Pompeo says he believes that Russia was behind a widespread cyberattack that potentially breached the computer systems of US government agencies.
Pompeo made the remarks during a Friday interview on The Mark Levin Show, which was aired after unknown hackers exploited a vulnerability in software created by Texas technology firm SolarWinds and inserted malicious code.
The software called Orion was designed to monitor computer networks for security flaws.
“I can’t say much more as we’re still unpacking precisely what it is, and I’m sure some of it will remain classified,” Pompeo said. “But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of US Government systems and it now appears systems of private companies and companies and governments across the world as well. This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”
SolarWinds had earlier listed among its client base the US Air Force, the U.S. Department of Defense and the U.S. Secret Service. However, a page on the SolarWinds website listing their high-profile clients has now been removed.
Meanwhile, Russia has denied any involvement in the attack. In a statement sent to Newsweek, the Russian embassy in Washington said that “Russia does not conduct offensive operations in the cyber domain.”
On the other hand, Microsoft President Brad Smith posted a blog post on Thursday in which he addressed the string of cyberattacks against the U.S. government. In it, he pointed a finger at Israeli cyber company NSO Group for being among the causes for what he described as the “cyber-assault.”
“One illustrative company in this new sector is the NSO Group, based in Israel and now involved in U.S. litigation,” Smith writes, apparently addressing a lawsuit filed against the company by Facebook. “NSO created and sold to governments an app called Pegasus, which could be installed on a device simply by calling the device via WhatsApp; the device’s owner did not even have to answer, he explains.
Smith went on to say that “NSO represents the increasing confluence between sophisticated private-sector technology and nation-state attackers.” Smith also cites a study by the University of Toronto’s The Citizen Lab, which exposes the use of the Israeli company’s technology by non-democratic countries and that the offensive cyber industry has grown to become a $12 billion market.
He noted that NSO has argued that “it is immune from US law because it is acting on behalf of a foreign government customer and hence shares that government’s legal immunity”
“As the first company in the world to lead the formulation and adoption of regulatory principles and compliance policies in the field, we join Microsoft’s calls to pursue a binding global policy that will enable countries to defend themselves against cyberattacks by irresponsible state powers and private actors,” NSO said in response.
Investigations into the attack are being conducted by the Cyber Unified Coordination Group, a joint effort between CISA, the FBI and the Office of the Director of National Intelligence.
US nuclear weapons agency breached in worst-ever cyber attack
While President Donald Trump has yet to comment publicly on the attack, President-elect Joe Biden described the hack as a “matter of great concern” in a Thursday statement.
Biden said that his administration would deter cybercriminals by “imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as President, I will not stand idly by in the face of cyber assaults on our nation.”