In the United States, the cyberattack hitting several government departments represents a “serious risk”

by bold-lichterman

The large-scale cyberattack hitting several government departments in the United States represents a ” serious risk “ and the measures to thwart it will be ” extremely complex and difficult ”, warned Thursday the US agency in charge of cybersecurity and infrastructure security (Cisa). President-elect Joe Biden has declared himself “Very concerned” by this cyberattack discovered last weekend, and Republican Senator Mitt Romney pointed the finger at Russia while denouncing the “Inexcusable silence” of the White House on this matter.

The attack began in March, with hackers taking advantage of an update to monitoring software developed by a Texas company, SolarWinds, used by tens of thousands of businesses and governments around the world. It continued for months before being discovered by the computer security group FireEye, itself the victim of cyber attacks last week. Cisa said in a press release that it “Determined that this threat poses a serious risk to the federal and local governments (…) as well as to critical infrastructure and the private sector”.

The Cisa does not designate the authors of this attack but specifies that it is a ” patient, concentrated adversary with significant financial resources who carried out activities for a long time on the victim networks ”. Its experts estimate “That extracting hackers from compromised environments will be extremely complex and difficult for organizations” concerned, the statement said, noting that “SolarWinds is not the only vector” used by the authors of this intrusion. As a first step, Cisa ordered all US federal agencies to immediately disconnect from the SolarWinds platform.

Still a lot of unknowns

One month after taking office, Joe Biden said his transition team had been informed of the developments by the government. ” There is still a lot we don’t know, but what we do know is of great concern ”, said the President-elect Democrat in a statement. “My administration will make cybersecurity a priority at all levels of government and we will make responding to this cyberattack a priority as soon as we take office”, he assured, warning that the United States would impose “Substantial costs for those responsible for these malicious attacks”. In a tweet, Mitt Romney noted that this cyberattack was a sign of a “Alarming vulnerability of the United States”.

“It is as if Russian bombers had repeatedly flown over our entire country without being spotted”, he noted, denouncing “The inexcusable silence and inaction of the White House” of President Donald Trump. The methods used bear the mark of a state actor, according to Microsoft, which has not designated a country. US Secretary of State Mike Pompeo on Monday recalled that the Russian government had made repeated attempts to penetrate into US government networks. “Russia does not conduct offensive operations in cyberspace”, assured his embassy in the United States. The FBI (Federal Police), Director of Intelligence and Cisa, which reports to the Department of Homeland Security (DHS), have formed a coordination unit and meetings are held daily at the White House to work out the US government’s response. , who had confirmed Sunday evening to have been the victim of a cyberattack.

White House national security adviser Robert O’Brien cut short a trip to the Middle East and Europe to return to Washington on Tuesday to deal with the fallout from the massive attack. In addition to DHS, the departments of Treasury and Commerce as well as several federal agencies have been affected, according to press reports. According to FireEye, governments and companies in the consulting, technology and energy fields have been targeted in North America, Europe, Asia and the Middle East. SolarWinds reported that up to 18,000 customers, including large corporations and US government agencies, have downloaded software updates, allowing hackers to gain access to e-mail exchanges.