The United States on Friday accused Russia of being very likely behind the gigantic cyberattack that struck them, also affecting targets located in other countries.
“It was a very important undertaking, and I believe we can now say quite clearly that it was the Russians who engaged in this activity,” Pompeo said on political commentator Mark Levin’s show, The Mark Levin Show.
The Secretary of State denounced a large-scale operation consisting in particular, by using software, to “enter systems of the American government”.
Russia has firmly denied being involved in this affair. “Russia does not conduct offensive operations in cyberspace,” the Russian embassy in Washington said.
The scope of the cyberattack continues to expand as new victims are discovered beyond the United States, raising fears of the risks of espionage.
“It’s a major attack. I would say that it is probably still ongoing “and” unprecedented, “Republican elected Marco Rubio, chairman of the Senate Intelligence Committee, told Fox News on Friday.
He spoke of, like the government the day before, “a serious threat to the federal state, local communities, crucial infrastructure and the private sector”.
Microsoft said Thursday evening that it had informed more than 40 customers affected by the software used by hackers, which could allow them unhindered access to the networks of the victims.
“About 80% of those customers are in the United States, but our work has also identified victims in several other countries at this point,” Microsoft President Brad Smith said on the computer giant’s blog. . The countries concerned are Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.
“The number of victims and the countries affected will continue to increase, for sure”, “creating a serious technological vulnerability for the United States and the world”, warned Brad Smith. “This is no ordinary espionage, even in the digital age. “
The US government only discovered this March attack last week, if not earlier.
“Act of war”
If Senator Rubio considered that a foreign state was indeed behind this act “patient”, “sophisticated” and “well funded”, he was careful not to go further. “When you nominate someone you have to be sure” because “it is like an act of war,” he said.
But the suspicions of computer security experts converge on Moscow, and Mike Pompeo formalized this accusation on Friday.
For James Andrew Lewis, of the think tank Center for Strategic and International Studies, “there are only a few countries that have the expertise and the resources to carry out such an attack, and Russia is one of them.”
Mike Pompeo had also suggested on Monday a possible involvement of Russian actors, evoking persistent attempts by such actors to “enter the networks” of US ministries and companies.
“It is as if Russian bombers had flown over our entire country repeatedly without being detected,” said Republican Senator Mitt Romney on Thursday, lamenting “the inexcusable silence and inaction of the White House” of President Donald Trump .
His Democratic colleague Mark Warner also judged “extremely worrying that the president does not seem to take note of the gravity of the situation, and even less to provide a response”.
President-elect Joe Biden has promised to make it “a priority” as soon as he takes office on January 20.
John Dickson of security firm Denim Group says many potentially vulnerable private companies are scrambling to strengthen their protections, going so far as to consider completely rebuilding their servers.
“It’s so big that everyone is assessing the damage at the moment,” he told AFP. “This is a serious blow to confidence in the state and in critical infrastructure.”
The hackers succeeded in compromising the Orion software of the American firm SolarWinds, used for the management and the supervision of computer networks of large companies or administrations.
The National Security Agency, which oversees US military intelligence, has called for increased vigilance to prevent hackers from accessing key military or state systems.
In fact, experts underline the threat that this cyberattack represents for national security, not only in the event of a takeover of crucial infrastructures but also in the event of access to the management of electricity distribution networks or other services. public.
According to information known at this point, the hackers managed to penetrate the internal emails of the US Treasury and Department of Commerce.
The Energy Ministry confirmed Friday to have been affected, while ensuring that the malware had spared its most sensitive missions, including the branch responsible for the security of the nuclear arsenal.