SPONSORED:

Pompeo: Russia 'pretty clearly' behind massive cyberattack

Secretary of State Mike PompeoMike PompeoPompeo on CIA recruitment: We can't risk national security to appease 'liberal, woke agenda' DNC gathers opposition research on over 20 potential GOP presidential candidates Dozens of scientists call for deeper investigation into origins of COVID-19, including the lab theory MORE on Friday blamed Russia for the massive cyberattack against multiple U.S. agencies and thousands of individual federal and private entities, saying the country was "pretty clearly" behind the attack.

"I can’t say much more, as we’re still unpacking precisely what it is, and I’m sure some of it will remain classified. But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world as well," Pompeo said on "The Mark LevinMark Reed LevinBoehner on Bachmann: Right-wing media made 'people who used to be fringe characters into powerful media stars' Boehner says he called Hannity 'a nut' during tense 2015 phone call Worst person in America contest? MORE Show."

"This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity," he added.

ADVERTISEMENT

Pompeo is the first major Trump administration official to attribute the hack directly to Russia, though the sophisticated large-scale attack has widely been presumed to be tied to the country.

Experts say the effort, which targeted third-party software contractor SolarWinds, blindsided the U.S. government. Numerous federal agencies, including the departments of Energy, Homeland Security, State and Treasury, were reportedly breached.

Pressed on any public response from President TrumpDonald TrumpVeteran accused in alleged border wall scheme faces new charges Arizona Republicans to brush off DOJ concern about election audit FEC drops investigation into Trump hush money payments MORE to the hack, Pompeo suggested that "a wiser course of action to protect the American people is to calmly go about your business and defend freedom."

While Trump has not weighed in on the attack, President-elect Joe BidenJoe BidenAtlanta mayor won't run for reelection South Carolina governor to end pandemic unemployment benefits in June Airplane pollution set to soar with post-pandemic travel boom MORE has vowed to "elevate" cybersecurity throughout government and "make dealing with this breach a top priority from the moment we take office."

“Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” Biden said Thursday, adding his administration would impose "substantial costs" on anyone responsible for malicious attacks to deter such action.

ADVERTISEMENT

Experts have described the SolarWinds attack as one of the most successful cyber intrusions in U.S. history, with hackers able to obtain access to systems going back as early as March.

SolarWinds counts among its clients numerous government agencies and Fortune 500 companies. As many as 18,000 clients downloaded compromised software from the company that delivered malware inserted by hackers.

FireEye, a top cybersecurity firm, revealed the hack earlier this month, saying its systems were penetrated by “a nation with top-tier offensive capabilities.”

Federal officials have said it will likely take weeks if not months to fully determine the scope of the attack.

Lawmakers have raised alarms and criticized Trump for not addressing the breach publicly.

ADVERTISEMENT

"I think the White House needs to say something aggressive about what happened. This is almost as if you had a Russian bomber flying undetected over the country, including over the nation's capital, and not to respond in a setting like that is really stunning," Sen. Mitt RomneyWillard (Mitt) Mitt RomneyCheney drama exposes GOP's Trump rifts The Hill's 12:30 Report - Presented by ExxonMobil - Florida's restrictive voting bill signed into law The Hill's Morning Report - Presented by Emergent BioSolutions - Facebook upholds Trump ban; GOP leaders back Stefanik to replace Cheney MORE (R-Utah) said in an interview this week.

Lawmakers have urged Trump to take immediate action, including by signing the annual defense policy bill. The legislation includes a number of cybersecurity provisions, including one to reestablish the position of federal cyber czar and another to strengthen defensive measures against cyberattacks. Trump has threatened to veto the bill over an unrelated tech issue.

“One of the immediate steps the Administration can take to improve our cyber posture is signing the NDAA [National Defense Authorization Act] into law,” Senate Armed Services Committee Chairman James InhofeJames (Jim) Mountain InhofeOVERNIGHT ENERGY: Senate nixes Trump rule limiting methane regulation | Senate confirms EPA chief: Biden's climate goals are 'an opportunity to lead' | Fine-particle pollution disproportionately hurts people of color: research EPA chief: Biden's climate goals are 'an opportunity to lead' Senate confirms Pentagon policy chief criticized by Republicans for tweets MORE (R-Okla.) and ranking member Jack ReedJack ReedOvernight Defense: Gillibrand makes new push for military sexual assault reform | US troops begin leaving Afghanistan | Biden budget delay pushes back annual defense policy bill Biden budget delay pushes back annual defense policy bill Senate Democrats push Biden over raising refugee cap MORE (D-R.I.) said in a joint statement on Thursday. “The NDAA is always ‘must-pass’ legislation – but this cyber incident makes it even more urgent that the bill become law without further delay.”

The Trump administration has set up a cyber coordination group composed of the Cybersecurity and Infrastructure Security Agency, the FBI and the Office of the Director of National Intelligence to respond to the hack, describing it as a "whole-of-government" effort.