Crédito: fuente
Until now the administration has refrained from attributing the hacks and President Trump, who has long expressed skepticism that Russia engaged in interference in the 2016 election, has not publicly addressed the issue.
Pompeo’s remarks come as government agencies and affected companies are scrambling to figure out the scope of the breaches, how the Russians carried them off without being detected for months and how to prevent future compromises.
Compromises of federal agencies were first revealed last weekend, and with each day more agencies were discovered to have been breached. Besides the State Department, the list so far includes the Treasury, Homeland Security, Energy and Commerce Departments, as well the National Institutes of Health.
Pompeo said he could not say much more about the hacks as the investigations were ongoing.
“But suffice it to say, there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems, and it now appears systems of private companies and companies and governments across the world as well,” he told Levin, a syndicated radio talk show host.
Microsoft, a major software and cloud provider, alerted several federal agencies last weekend to the fact that they were breached, its president Brad Smith told The Post in an interview this week.
Smith said that so far the company has notified a little more than 40 customers who were breached, and that 80 percent of them were in the United States. The others were in Canada, Mexico, Belgium, Spain, Britain, Israel and the United Arab Emirates.
Britain so far has seen only a small number of victims, all in the private sector.
Pompeo did not specify which branch of the Russian government carried out the campaign, but U.S. officials have privately said they believe it is the foreign intelligence service, the SVR, which is a successor organization to the KGB.
Moscow has denied involvement.
On Wednesday, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency [CISA] issued an alert calling the hacks “a grave risk” to the federal government, as well as state and local governments, critical infrastructure entities and the private sector.
A major avenue for breaching victims’ networks was through an update for computer software made by a Texas-based company called SolarWinds. The firm said about 18,000 customers that received the patch, for network management software called Orion, were potentially exposed. The Russians covertly added malware to the update, which installed a backdoor on computers that the hackers could use to enter a victim’s system at will.
But the intruders were selective in choosing who to compromise. Not everyone who downloaded the patch was seen as an attractive target, Microsoft said.
The SolarWinds update was not the only path into victims’ networks, CISA said in its alert this week. “CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” the agency said.
Microsoft is itself a SolarWinds customer and acknowledged in a statement this week it had found SolarWinds malware “in our environment,” which it isolated and removed.
In his interview with The Post, Smith said none of Microsoft’s customers had been breached through the software giant. “I think we can give you a blanket answer that affirmatively states, no, we are not aware of any customers being attacked through Microsoft’s cloud services or any of our other services, for that matter, by this hacker.”
He said: “Lots of people have been hacked and a lot of the people that have been hacked happen to be Microsoft customers and Microsoft cloud customers. But that doesn’t mean they were hacked or attacked through the Microsoft cloud.”
Karen DeYoung contributed to this report.
