Donald Trump has attempted to downplay what one of his top officials had described as a “significant” cyber hack – allegedly carried out by Russia – on several top secret US government agencies.
Secretary of State Mike Pompeo had pointed the finger at Moscow over the attack, but the president claims that the incident has been overstated in the media.
He also used his response to the hack to again attempt to discredit November’s presidential election result, prompting Twitter to flag the posts with a disclaimer saying that Joe Biden’s victory had been certified by officials.
….discussing the possibility that it may be China (it may!). There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA. @DNI_Ratcliffe @SecPompeo
— Donald J. Trump (@realDonaldTrump) December 19, 2020
Mr Trump tweeted: “The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control.
“Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).
“There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA.”
Mr Pompeo had accused the Kremlin during a radio interview.
“I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” he told the Mark Levin radio show.
It was the first time a member of the Trump administration had pointed the finger at Moscow in public over what security officials have said is a “significant and ongoing” cyber hacking campaign.
US media reports have said Russia’s foreign intelligence service, the SVR, is thought to be behind the attack.
The Kremlin has denied any involvement.
Officials in the UK are also scrambling to find out whether any UK government networks have been compromised.
A security source said so far the only known British victims are a small number of organisations not in the public sector.
But it is the early days of the investigation. The hackers used tools that had not been seen before, making the ability of investigators to identify breaches much harder.
Cyber security experts in the United States were the first to raise the alarm about the hacking campaign last week.
Paul Chichester, the director of operations at the UK’s National Cyber Security Centre (NCSC), which is part of the spy agency GCHQ, urged companies to take “immediate steps” to protect their networks.
“This is a complex, global cyber incident, and we are working with international partners to fully understand its scale and any UK impact,” he said in a statement.
“The NCSC is working to mitigate any potential risk, and actionable guidance has been published on our website.”
The comments came as officials in the US, the UK and across the world were scrambling to understand the enormity of the attack, which looks to be unprecedented in terms of its penetration of the US security apparatus.
“This could be the most impactful national security breach – cyber breach – we have ever seen,” said John Hultquist, senior director of analysis at Mandiant Threat Intelligence.
Mandiant is part of the cyber security company FireEye, which was the first to discover the breach when it found that its systems had been compromised.
After raising the alarm, it emerged that a number of US government departments, including the departments of defence, state, treasury and even the nuclear agency, had also been breached.
A spokeswoman has said there was no threat to the US nuclear weapons stockpile.
“They managed clearly to gain access to a lot of secure areas. They are going to be very hard to get out,” Mr Hultquist told Sky News.
What appear to have been a highly sophisticated team of hackers used various ways to compromise public and private sector computer networks.
One was through a piece of software called Orion made by the technology firm SolarWinds.
Malicious code was inserted into an update for this software, used by thousands of customers. Once the update was installed the hackers had access to a trove of networks, including into the US government and Microsoft.
But just the act of updating the infected software does not mean a system has been compromised.
With such a huge list of potential targets, it appears the hackers carefully selected the companies and government agencies they wanted to exploit.
They could do this by stealing secrets, changing important data or just sitting on systems spying. As things stand, the scale of the damage or potential theft is not yet known.
Ciaran Martin is the founder and former head of the NCSC who now works as a professor at the Blavatnik School of Government at Oxford University.
“It’s one of the most significant cyber attacks, really that’s ever been seen,” he told Sky News.
“But based on what we know, at this point, it seems to be [for] traditional espionage, getting information from governments and companies, rather than altering data, destroying data, tampering with things and so forth but it remains to be seen, what the final picture tells us.”
Joe Biden has said dealing with the breach will be a “top priority” for his administration from the moment he takes office.
Mr Hultquist said that whoever carried out the hack was a highly sophisticated operator.
“They are among the most advanced we have seen, if not the most,” he said.
“They are very adept at counter forensics to stay below the radar.”
This means that the hackers were careful to cover their tracks whenever they penetrated a network, making it hard – if not impossible – to know where they have gone and what they have seen.
“The proof [of their capability] is in the pudding,” Mr Hultquist said.
“Just look at how many high value targets they were able to quietly compromise. It is almost all the evidence you need about how capable they are.”
#1 Football Merchandise & Souvenirs Store Liverpool Chelsea Manchester City Arsenal Tottenham Hotspur Manchester United Leicester City Newcastle United West Ham United Barcelona Real Madrid