Trump downplays massive cyber hack on government after Pompeo links attack to Russia
Posted December 19, 2020 10:34 a.m. EST
Updated December 19, 2020 12:58 p.m. EST
CNN — Secretary of State Mike Pompeo on Friday publicly linked Russia to a massive cyberattack on US federal government agencies, calling the data breach "a very significant effort" in remarks the President appeared to contradict Saturday.
"This was a very significant effort, and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity," Pompeo said in an interview Friday on "The Mark Levin Show."
"I can't say much more as we're still unpacking precisely what it is, and I'm sure some of it will remain classified," he added.
In his first public comments on the hack, President Donald Trump on Saturday appeared to undercut Pompeo's remarks, downplaying the breach in a pair of tweets and suggesting without evidence "it may be China" that's responsible.
Instead of condemning the attack, or Russia, Trump wrote that he had been "fully briefed and everything is well under control" -- despite officials in his administration having said this week that the cyberattack "poses a grave risk" to networks across both the public and private sector.
Trump also baselessly claimed in the tweet that the attack could have impacted US voting machines. A group of national, state and private election officials said in a joint statement last month that there is no evidence of any voting system being compromised in the 2020 election.
At least half a dozen federal agencies are now known to have been targeted in the breach, including the Department of Homeland Security's cyber arm and the Departments of Agriculture, Commerce, Energy and State. Investigators are still trying to determine what, if any, government data may have been accessed or stolen in the hack.
"Suffice it to say, there was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems and it now appears systems of private companies and companies and governments across the world as well," Pompeo said.
Trump had remained silent on the hack for most of the week. The White House said Friday the President was being briefed and "working very hard" in dealing with it.
Asked Friday about Trump's silence on the matter, Pompeo noted there was work going on behind the scenes.
"There are many things that you'd very much love to say, 'Boy, I'm going to call that out,' but a wiser course of action to protect the American people is to calmly go about your business and defend freedom," he said.
As the scope of the espionage campaign and its sophistication became clearer over the past two weeks, US officials had begun to believe that a Russia-linked entity or Russian individuals are responsible for the attacks. Pompeo's comments go further than any Trump administration official yet in pinning the blame on Russia, as further evidence shows the hacking operation bears all the hallmarks of a Russian-backed actor.
The Russian embassy in Washington has denied involvement in the hack.
But Moscow has been linked to several recent breaches, including the 2016 hacking of Democratic officials during the US presidential election.
Last week, the cybersecurity firm FireEye disclosed that it had been targeted by a sophisticated, likely state-sponsored espionage attempt, and that several of its own hacking tools had been stolen.
CNN previously reported that a Russian-affiliated group known as APT29 was behind the attack on FireEye.
On Sunday, Reuters first reported that the Departments of Commerce and Treasury had been hit by hackers. The Commerce Department soon confirmed a security incident.
That same evening, FireEye identified the source of its own intrusion as malware hidden in its software updates published by the software vendor SolarWinds, which is used by a number of federal civilian agencies for network management.
As many as 18,000 SolarWinds customers, including US government agencies and Fortune 500 companies, had been sent the updates containing the malware.
The headline and story have been updated to reflect President Donald Trump's tweets on the cyberattack.