Dec. 19 (UPI) — Secretary of State Mike Pompeo has tied a widespread cyberattack on U.S. agencies to Russia.
Cybersecurity company FireEye first revealed the hack earlier this month, saying hundreds of U.S. companies and government agencies were among the targets. While there’s no evidence classified networks were compromised, it’s unclear how deeply networks were penetrated.
During a radio interview on the conservative Mark Levin Show on Friday night, Pompeo said attack was “pretty clearly” linked to Russia.
“We’re still unpacking precisely what it is, and I’m sure some of it will remain classified,” he said. “But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world. This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”
On Thursday, U.S. cybersecurity officials warned of a “a grave risk to the federal government” from the hack linked to security software weaknesses.
The scope of the cyberattack beginning in at least March was broader than initially thought, according to a Cybersecurity and Infrastructure Security Agency alert Saturday, citing evidence of initial access vectors other than the SolarWinds Orion platform.
Earlier this month, CISA released an emergency directive ordering federal civilian executive branch departments and agencies to disconnect infected devices. The Homeland Security, Commerce and Treasury departments have been among those targeted in the cyberattacks.
Microsoft, which has assisted in responding to the breach, has identified more than 40 government agencies, think tanks, non-governmental organizations and IT companies worldwide impacted, with four in five attacks in the United States.
Other countries impacted by hackers included Canada, Mexico, Belgium, Spain, Britain, Israel and United Arab Emirates, according to Microsoft.
“This is not espionage as usual, even in the digital age,” Microsoft said in a blog post. “Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world.”
Lawmakers said they are still trying to understand the full impact of the breach.
“This hack was so big in scope that even our cybersecurity experts don’t have a real sense yet in terms of the breadth of the intrusion itself,” said Rep. Stephen Lynch, R-Mass., chairman of a subcommittee on national security.
President Donald Trump has remained silent on the issue, leading to Republican Sen. Mitt Romney, R-Utah, calling on him to speak out, Levin pointed out during his interview with Pompeo Friday.
“There are many things that you’d very much love to say, ‘Boy, I’m going to call that out,’ but a wiser course of action to protect the American people is to calmly go about your business and defend freedom,” Pompeo said in response.