Attorney General William Barr said Monday he believes the recent hacking campaign, involving an exploit of SolarWinds Orion network management software, was perpetrated by Russian hackers.
Barr was responding to a reporter’s question at a press conference on Monday about whether he agrees with the conclusion that Russians were behind the hack and what kind of a response can be expected on the part of the Department of Justice (DOJ) or the FBI.
“From the information I have, I agree with Secretary Pompeo’s assessment—it certainly appears to be the Russians, but I’m not going to discuss it beyond that,” Barr said.
Secretary of State Mike Pompeo said Friday that evidence gathered thus far points to Russians being behind the hack.
“I can’t say much more as we’re still unpacking precisely what it is, and I’m sure some of it will remain classified,” Pompeo said on Mark Levin’s radio show. “But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world as well.”
“This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” Pompeo said.
Hackers who exploited an update to SolarWinds Orion network management software accessed a number of U.S. government agencies, including the departments of Defense, State, Homeland Security, Energy, Treasury, and Commerce.
The victims of the hacking campaign are among as many as 18,000 SolarWinds customers around the globe who installed the malicious update. The hack was first reported by cybersecurity firm FireEye, itself a SolarWinds customer.
SolarWinds Corp banner hangs at the New York Stock Exchange on the IPO day of the company in New York, on Oct. 19, 2018. (Brendan McDermid/Reuters)Believed to be the biggest hack ever uncovered, it has prompted the U.S. government to assemble a multi-department task force to respond to the threat.
Treasury Secretary Steven Mnuchin told CNBC on Monday that the hack impacted the Treasury Department’s unclassified systems, but the department has not seen any damage.
“We do not see any breaking into our classified systems. Our unclassified systems did have some access,” Mnuchin said. “I will say that the good news is there has been no damage, nor have we seen any large amounts of information displaced.”
Mnuchin added that addressing cyber threats “has been a big focus of the administration and within Treasury, we have a large group that is focused for cyber,” adding, “we have much needed resources in working in protecting the financial industry.”
The Cybersecurity and Infrastructure Security Agency (CISA) said Thursday that the hacking campaign is larger than what was previously known.
The hackers gained backdoor access in more ways than through the SolarWinds software.
“CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” CISA said in a statement.
Microsoft said Thursday that it found the malicious software in its system. The company said around 30 of the affected customers were in the United States.
Zachary Stieber contributed to this report.
