Biden’s Team Vows Action Against Hack as US Threats Persist
WASHINGTON (AP) — Once in office, President-elect Joe Biden will punish Russia for its suspected cyberespionage operation against the United States with financial sanctions and measures to hobble the Kremlin’s ability to launch future hacks, his chief of staff said Sunday, as a GOP senator criticized President Donald Trump for having a “blind spot” when it comes to Moscow.
“Those who are responsible are going to face consequences for it,” said Biden chief of staff Ron Klain. “It’s not just sanctions. It’s also steps and things we could do to degrade the capacity of foreign actors to repeat this sort of attack or, worse still, engage in even more dangerous attacks.”
The head of the cybersecurity firm FireEye, which disclosed that it had been targeted by the spying attempt, said it was clear the foreign intrusions were not “one and done” and suggested there was little time to spare before the next one.
“These attacks will continue to escalate, and get worse if we do nothing,” said CEO Kevin Mandia.
Cybersecurity experts and U.S. officials such as Secretary of State Mike Pompeo have been clear over the past week that they believe Russia was behind the massive hack that infiltrated over 40 federal agencies, including the departments of Treasury, Energy and Commerce, as well as government contractors.
But Trump over the weekend cast doubt on that assessment, suggesting without evidence that China may be behind the cyber intrusions and minimizing the impact. “The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control,” Trump tweeted, contradicting his own cybersecurity agency, which described the hacks as a “grave” threat.
On Sunday, Sen. Mitt Romney, R-Utah, blasted Trump for putting the U.S. at continuing risk.
“Russia acted with impunity,” he said. “They didn’t fear what we would be able to do from a cybercapacity. They didn’t think that our defense systems were particularly adequate. And they apparently didn’t think that we would respond in a very aggressive way.”
“I think we’ve come to recognize that the president has a blind spot when it comes to Russia,” Romney added, urging an immediate response and calling cyberspace the “warfare of the future.”
While Trump downplayed the impact of the hacks, the Cybersecurity and Infrastructure Security Agency has said it compromised federal agencies as well as “critical infrastructure.” Homeland Security, the agency’s parent department, defines such infrastructure as any “vital” assets to the U.S. or its economy, a broad category that could include power plants and financial institutions.
It’s not clear exactly what the hackers were seeking, but experts say it could include nuclear secrets, blueprints for advanced weaponry, COVID-19 vaccine-related research and information for dossiers on government and industry leaders.
Still, it may take months to kick elite hackers out of the U.S. government networks they have been quietly rifling through since as far back as March. Christopher Krebs, former director of CISA, highlighted the challenges ahead as Trump dismisses the threat and Biden prepares for his Jan. 20 inauguration.
“The federal civilian agencies, the 101 civilian agencies, are not really optimized for defense right now,” Krebs said. “And what that means is, there’s a lot of old antiquated, legacy IT systems that are hard to defend. Plus, the authorities are not in place for teams like CISA to really get out there and aggressively root out adversaries.”
Throughout his presidency, Trump has refused to blame Russia for well-documented hostilities, including its interference in the 2016 election to help him get elected. He blamed his predecessor, Barack Obama, for Russia’s annexation of Crimea, has endorsed allowing Russia to return to the G-7 group of nations and has never taken the country to task for allegedly putting bounties on U.S. soldiers in Afghanistan.
Klain said the incoming administration was still learning information about the purpose, nature and extent of the hacks and faulted the confused messaging from the Trump administration on who’s to blame.
Klain and Mandia spoke on CBS’ “Face the Nation,” Krebs was on CNN’s “State of the Union,” and Romney was on CNN and NBC’s “Meet the Press.”
In The News
WASHINGTON -- A congressional hearing Friday showed that foreign computer hackers are facing a growing likelihood of counterattack from the United States as a result of the SolarWinds software breach. Lawmakers and computer industry officials agreed the hackers must face consequences to deter them in the... Read More
WASHINGTON (AP) — Jolted by a sweeping hack that may have revealed government and corporate secrets to Russia, U.S. officials are scrambling to reinforce the nation's cyber defenses and recognizing that an agency created two years ago to protect America's networks and infrastructure lacks the money,... Read More
WASHINGTON -- Cybersecurity experts suggested to a congressional committee Wednesday that lawmakers act quickly to address growing threats from hackers. They mentioned the SolarWinds computer infiltration by the Russians last year and a hacker’s attempt to poison a Florida municipal water supply last week as examples.... Read More
ST. PETERSBURG, Fla. (AP) — A hacker's botched attempt to poison the water supply of a small Florida city is raising alarms about just how vulnerable the nation's water systems may be to attacks by more sophisticated intruders. Treatment plants are typically cash-strapped, and lack the... Read More
WASHINGTON — Dramatic changes in the workforce and service delivery have posed unique security challenges over the last year. Evolving technologies are accommodating training and remote work, but new cybersecurity threats continue to emerge. In the last few years, directives have required federal agencies to take... Read More
WASHINGTON (AP) — The elite Russian hackers who gained access to computer systems of federal agencies last year didn't bother trying to break one by one into the networks of each department. Instead, they got inside by sneaking malicious code into a software update pushed out to thousands... Read More