SPONSORED:

Pompeo: Russia 'pretty clearly' behind massive cyberattack

Secretary of State Mike PompeoMike PompeoBiden taps career civil servants to acting posts at State, USAID, UN China sanctions Pompeo and more than two dozen US figures China calls Pompeo 'doomsday clown' after its treatment of Uighurs labeled genocide MORE on Friday blamed Russia for the massive cyberattack against multiple U.S. agencies and thousands of individual federal and private entities, saying the country was "pretty clearly" behind the attack.

"I can’t say much more, as we’re still unpacking precisely what it is, and I’m sure some of it will remain classified. But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world as well," Pompeo said on "The Mark LevinMark Reed LevinProsecutors say man who brought weapons to Capitol carried list of 'good guys' and 'bad guys' Talk radio company orders hosts to stop suggesting election was stolen from Trump Here's why social media ban on Trump, conservatives will only make things worse MORE Show."

"This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity," he added.

ADVERTISEMENT

Pompeo is the first major Trump administration official to attribute the hack directly to Russia, though the sophisticated large-scale attack has widely been presumed to be tied to the country.

Experts say the effort, which targeted third-party software contractor SolarWinds, blindsided the U.S. government. Numerous federal agencies, including the departments of Energy, Homeland Security, State and Treasury, were reportedly breached.

Pressed on any public response from President TrumpDonald TrumpClinton, Bush, Obama reflect on peaceful transition of power on Biden's Inauguration Day Arizona Republican's brothers say he is 'at least partially to blame' for Capitol violence Biden reverses Trump's freeze on .4 billion in funds MORE to the hack, Pompeo suggested that "a wiser course of action to protect the American people is to calmly go about your business and defend freedom."

While Trump has not weighed in on the attack, President-elect Joe BidenJoe BidenKaty Perry and her 'Firework' close out inauguration TV special Arizona Republican's brothers say he is 'at least partially to blame' for Capitol violence Tom Hanks: After years of 'troubling rancor,' Inauguration Day 'is about witnessing the permanence of our American ideal' MORE has vowed to "elevate" cybersecurity throughout government and "make dealing with this breach a top priority from the moment we take office."

“Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” Biden said Thursday, adding his administration would impose "substantial costs" on anyone responsible for malicious attacks to deter such action.

ADVERTISEMENT

Experts have described the SolarWinds attack as one of the most successful cyber intrusions in U.S. history, with hackers able to obtain access to systems going back as early as March.

SolarWinds counts among its clients numerous government agencies and Fortune 500 companies. As many as 18,000 clients downloaded compromised software from the company that delivered malware inserted by hackers.

FireEye, a top cybersecurity firm, revealed the hack earlier this month, saying its systems were penetrated by “a nation with top-tier offensive capabilities.”

Federal officials have said it will likely take weeks if not months to fully determine the scope of the attack.

Lawmakers have raised alarms and criticized Trump for not addressing the breach publicly.

ADVERTISEMENT

"I think the White House needs to say something aggressive about what happened. This is almost as if you had a Russian bomber flying undetected over the country, including over the nation's capital, and not to respond in a setting like that is really stunning," Sen. Mitt RomneyWillard (Mitt) Mitt RomneyBudowsky: Democracy won, Trump lost, President Biden inaugurated Biden's inauguration marked by conflict of hope and fear Romney: Founders didn't intend pardons to be used for 'cronies' MORE (R-Utah) said in an interview this week.

Lawmakers have urged Trump to take immediate action, including by signing the annual defense policy bill. The legislation includes a number of cybersecurity provisions, including one to reestablish the position of federal cyber czar and another to strengthen defensive measures against cyberattacks. Trump has threatened to veto the bill over an unrelated tech issue.

“One of the immediate steps the Administration can take to improve our cyber posture is signing the NDAA [National Defense Authorization Act] into law,” Senate Armed Services Committee Chairman James InhofeJames (Jim) Mountain InhofeJustice Dept. closes insider trading case against Burr without charges Biden pick for Pentagon cruises through confirmation hearing McConnell about to school Trump on political power for the last time MORE (R-Okla.) and ranking member Jack ReedJack ReedOvernight Defense: Biden inaugurated as 46th president | Norquist sworn in as acting Pentagon chief | Senate confirms Biden's Intel chief Top Senate Democrat backs waiver for Biden Pentagon nominee Austin pledges to empower Pentagon civilians MORE (D-R.I.) said in a joint statement on Thursday. “The NDAA is always ‘must-pass’ legislation – but this cyber incident makes it even more urgent that the bill become law without further delay.”

The Trump administration has set up a cyber coordination group composed of the Cybersecurity and Infrastructure Security Agency, the FBI and the Office of the Director of National Intelligence to respond to the hack, describing it as a "whole-of-government" effort.