WASHINGTON, DC–December 20th, 2020–US agencies have been compromised in a massive cyberattack that was reported earlier this week and was later confirmed by US authorities. Secretary of State Mike Pompeo blamed Russia for the attack, while President Trump suspected China’s involvement in it, also downplaying the extent of the data breach.
White House officials were poised on Friday afternoon to issue an official statement accusing Russia of perpetrating the massive cyberattack, but were instructed not to do so at the eleventh hour, an anonymous source familiar with the matter has told AP.
According to the media outlet, it is unclear whether US Secretary of State Mike Pompeo was made aware of the statement before the interview on The Mark Levin Show in which he unequivocally blamed Russia for the cybersecurity breach.
Reports about the cyberattack, dubbed “Sunburst”, emerged on Monday and refer to a spate of hacking activities targeting various US governmental agencies, including the Pentagon and the State Department, that is believed to have been ongoing for months. The attack was reportedly carried out by compromising the Texas-based company SolarWinds’ software.
While some US media outlets and Pompeo were quick to pin the blame on Moscow, President Trump speculated that it might actually be China that is behind the attack, while also toning down the scope of the cyber breach, which he says is not as severe as some might suggest. Trump issued a tweet as follows:
The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of….
— Donald J. Trump (@realDonaldTrump) December 19, 2020
Russia promptly denied the accusations pointing at the lack of any evidence to support the claims.
“The Cyber Hack is far greater in the Fake News Media than in actuality,” Trump tweeted on Saturday morning. “I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because [US media] is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!)”
Regarding the SolarWinds hack and Trump’s attempt to play down links to Russia, Adam Schiff, the California Democrat who chairs the House intelligence committee and led impeachment proceedings against Trump, said: “Another day, another scandalous betrayal of our national security by this president.
“Another dishonest tweet that sounds like it could have been written in the Kremlin. Another obsequious display towards Putin. And yet another reason that Trump can’t leave office fast enough.”
Pompeo did not immediately respond to being undercut by his boss. But in speaking to Levin, he said: “I’m sure some of it will remain classified. But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems and it now appears systems of private companies and companies and governments across the world as well.”
People knowledgeable about the matter have told outlets including The Washington Post that the culprit is almost certainly one of the most persistent and savvy hacking groups on the planet: the Russian government-backed APT29, also known as Cozy Bear.
Cyber threat intelligence firms have been more cautious in assigning blame, even as they acknowledge significant similarities.
The group, reportedly linked to Russia’s foreign intelligence service, the SVR, and sometimes the FSB, is notorious for running multi-pronged efforts, and for not backing down from espionage operations, even after they are discovered. APT29 has historically gone to great lengths to conceal its activities, at times running years-long espionage operations, according to security researchers.
The Kremlin denies all involvement.