Sources told Reuters news agency there is concern the hackers used similar tool to break into other gov’t agencies.
Donald Trump has downplayed the importance of a wide-reaching cyberattack on the United States government that was described this week as one of the worst in the country’s history, saying “everything is well under control”.
On Saturday morning, Trump tweeted that the massive security breach, which affected the computer systems of several US government departments, was made “far greater” by the media than it actually was.
“The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control,” said Trump, his first comments since US officials first reported the hacking.
The US president also said Russia was being unfairly targeted, contradicting Secretary of State Mike Pompeo, who said on Friday that Moscow was behind the cyberattack.
“Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!),” he tweeted.
The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of….
— Donald J. Trump (@realDonaldTrump) December 19, 2020
Microsoft said on Thursday that it had identified 40 government agencies, non-profit groups, government contractors and IT companies that had been hacked, among others – and said 80 percent of them were in the US.
“This is not ‘espionage as usual,’ even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world,” Microsoft said.
The groups were infected from March to June by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds, The Associated Press news agency reported.
Experts have said it could take months to kick hackers out of the US government networks.
The treasury, commerce and energy departments were among the US government departments hacked, and the US Cybersecurity and Infrastructure Security Agency, an arm of the Department of Homeland Security, warned that the hack posed a “grave risk” to the US government.
It remains unclear who exactly was responsible for the cyberattack, but intelligence officials have pointed the finger at Russia, which has denied any involvement.
Pompeo said during a radio interview on Friday that “we can say pretty clearly that is was the Russians that engaged in this activity”.
“I can’t say much more as we’re still unpacking precisely what it is, and I’m sure some of it will remain classified. But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of US Government systems,” Pompeo said.
Al Jazeera’s Heidi Zhou-Castro, reporting from Washington, DC, said Pompeo indicated that it could take months to fully assess the damage of the security breach.
But Trump’s comments on Saturday appeared to show that in his last weeks in the White House, he “will not take any responsibility over how to fix this mess, instead passing that off to President-elect Joe Biden”, Zhou-Castro reported.
In a statement, Biden said he would “elevate cybersecurity as an imperative across the government” and “disrupt and deter our adversaries” from undertaking such significant hacks when he takes office next month.