U.S. President Donald Trump is downplaying the severity of a massive cybersecurity breach by suspected Russian operatives that has exposed the networks of government agencies and private sector companies, contradicting the assertions of his secretary of state and lawmakers briefed on the matter.
After days of silence, Trump took to Twitter on Saturday for his first comments on the hack, which is thought to have impacted at least 18,000 customers of SolarWinds, a Texas-based software management company. Those affected include the Energy, Treasury and Commerce departments, as well as state and local governments.
But unlike intelligence officials and lawmakers, who warned that damage from the breach was ongoing, the president said that “everything is well under control.”
“I have been fully briefed,” he wrote. “The Cyber Hack is far greater in the Fake News Media than in actuality.”
Trump also cast doubt on comments late Friday by Secretary of State Mike Pompeo, who said it appeared that Russia was responsible.
The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of....— Donald J. Trump (@realDonaldTrump) December 19, 2020
“Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China,” Trump said.
He also suggested the cyber breach might have impacted November’s presidential election, which he lost to former U.S. Vice President Joe Biden.
“There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA,” Trump added.
Less than 24 hours earlier, Pompeo told The Mark Levin Show that while intelligence agencies were still examining the hack, all evidence pointed to the Kremlin.
“This was a very significant effort, and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” Pompeo said.
U.S. intelligence and cybersecurity agencies have yet to make a formal attribution for the hack, which they said was under way at least as early as March.
The Office of the Director of National Intelligence and the FBI on Saturday declined to comment on Trump’s tweets, standing by a joint statement issued Wednesday, which described the hack only as part of a “significant and ongoing cybersecurity campaign.”
Since then, however, in a series of updated alerts, the cybersecurity unit of the U.S. Homeland Security Department — the Cybersecurity and Infrastructure Security Agency (CISA) — has warned that the problem was not contained to software from SolarWinds.
“CISA has evidence of initial access vectors other than the SolarWinds Orion platform,” one alert said, adding that the agency was investigating instances in which other platforms were used to access critical networks.
“This threat poses a grave risk to the federal government and state, local, tribal and territorial governments as well as critical infrastructure entities and other private sector organizations,” CISA said. “This is a patient, well-resourced and focused adversary that has sustained long duration activity on victim networks.”
In the meantime, CISA’s former director answered some of the president’s Twitter allegations, rejecting the notion that the hack could have in any way changed the results of November’s presidential election.
“Do not conflate voting system security and SolarWinds,” said Christopher Krebs, who had played a leading role in the country’s election security efforts until Trump fired him last month, two weeks after American voters cast their ballots.
“The proof is in the paper,” Krebs said, referring to the widespread use of paper ballot backups. “You can audit or recount again to confirm the outcome. Like they did in Georgia. And Michigan. And Wisconsin. And Arizona. Can't hack paper.”
Do not conflate voting system security and SolarWinds. The proof is in the paper. You can audit or recount again to confirm the outcome. Like they did in Georgia. And Michigan. And Wisconsin. And Arizona. Can't hack paper.— Chris Krebs (@C_C_Krebs) December 19, 2020
Top lawmakers briefed on the hack also went on social media Saturday, pushing back against Trump’s insistence without evidence that Russia might not be responsible for the breach.
“Increasingly clear that Russian intelligence conducted the gravest cyber intrusion in our history,” the acting chairman of the Senate Intelligence Committee, Republican Marco Rubio, tweeted.
“The process of determining its extent & assessing the damage is underway,” Rubio said, adding, “Our response must be proportional but significant.”
Increasingly clear that Russian intelligence conducted the gravest cyber intrusion in our history— Marco Rubio (@marcorubio) December 19, 2020
The process of determining its extent & assessing the damage is underway
Remediation will take time & significant resources
Our response must be proportional but significant
The chairman of the House Intelligence Committee, Democrat Adam Schiff, meanwhile, castigated Trump for his response to the cyber breach.
“Another day, another scandalous betrayal of our national security by this president,” Schiff tweeted. “Another dishonest tweet that sounds like it could have been written in the Kremlin.”
Another day, another scandalous betrayal of our national security by this president.— Adam Schiff (@RepAdamSchiff) December 19, 2020
Another dishonest tweet that sounds like it could have been written in the Kremlin.
Another obsequious display towards Putin.
And yet another reason that Trump can’t leave office fast enough. https://t.co/ILNh3KnfbT
Indications of a cyber intrusion went public earlier this month when the private cybersecurity firm FireEye announced its systems had been penetrated and that sensitive information had been stolen.
The hack was later traced to updates for network management software from SolarWinds, though officials said the hackers were also using other software and systems to reach inside government and private sector networks.
Research by tech giant Microsoft, made public Thursday, indicated the hackers precisely targeted at least 40 organizations. The vast majority were in the United States, but companies in Canada, Mexico, Britain, Belgium, Israel and the United Arab Emirates were also attacked.
Not 'espionage as usual'
“This is not 'espionage as usual,' even in the digital age," Microsoft President Brad Smith wrote on the company’s blog. "This is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure."
Former U.S. government officials also expressed concern about the impact of the hack.
“The scope of it is large but exactly how large remains to be seen, and exactly how severe remains to be seen,” Michael Daniel, who served as a special assistant to former U.S. President Barack Obama on cyber issues, told VOA’s Russian Service.
“The damage could be very, very significant to U.S. national security and to our economic security,” he said.
Tom Bossert, a former homeland security adviser to Trump, said Saturday in a thread on Twitter, “It is clear that a foreign government is holding American networks at risk.”
“If it’s Russia, as all indications suggest, the free world — led by the United States — must impose costs on the Kremlin,” Bossert added. “Our long-term goals must be to regain network integrity and control and to establish geopolitical deterrence.”
It is clear that a foreign government is holding American networks at risk. @SecPompeo took a necessary step attributing the attack to Russia. That step requires formalization. 1/— Thomas P. Bossert (@TomBossert) December 19, 2020
U.S. President-elect Joe Biden on Thursday called the cybersecurity breach, “a matter of great concern.”
“I want to be clear: My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office,” he said in a statement shortly after the latest CISA alert was issued.
“Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” he added.
Biden is set to be inaugurated as the 46th U.S. president on January 20.
Wayne Lee and the VOA Russian Service's Danila Galperovich contributed to this report.