President Trump’s dismissive characterization of a massive cyberattack targeting multiple U.S. agencies drew pushback Sunday from lawmakers, cybersecurity experts and the incoming Biden administration amid growing questions over the president’s refusal to acknowledge that Russia was likely behind the intrusions.
A month before President-elect Joe Biden takes office, Trump remains preoccupied with his falsehood-filled campaign to overturn the results of November’s election, and the president gave no indication that the United States would seek to punish those responsible for an unprecedented breach whose full scope was still being assessed.
“Russia acted with impunity,” Sen. Mitt Romney (R-Utah) said on NBC’S “Meet the Press.” Romney, one of only a handful of congressional Republicans to criticize Trump’s conduct regarding the election, said that “we’ve come to recognize that the president has a blind spot when it comes to Russia.”
Throughout his tenure, Trump has balked at consistently acknowledging that prior to the 2016 presidential vote, Russian hackers sought to help him and hurt his opponent, Hillary Clinton. He has also been been markedly deferential to Russian President Vladimir Putin, appearing to accept the autocratic leader’s word over that of U.S. intelligence agencies.
In a series of tweets Saturday, Trump downplayed the cyber-intrusions, saying it “is far greater in the Fake News Media than in actuality” and “everything is well under control.” He also suggested China might be a culprit and continued his assault on the integrity of America’s election system by baselessly suggesting hackers might have targeted voting machines.
The president’s assertions came just a day after Secretary of State Michael R. Pompeo said in a radio interview that “we can say pretty clearly that it was the Russians that engaged in this activity.”
Trump’s comments were sharply criticized by Virginia Sen. Mark R. Warner, the ranking Democrat on the Senate Intelligence Committee. “When the president of the United States either tries to deflect or is not willing to call out the adversary,” Warner said, “he is not making our country safer.”
Warner, who has been briefed by intelligence officials on the hack, said the intrusion was “extraordinarily serious” and added “all indications point to Russia” as the perpetrator.
Cybersecurity experts said the highly sophisticated attack on U.S. computer networks was part of a broader cyber-espionage campaign that included finding weaknesses in products and software purchased by government agencies and corporations, and infiltrating them. The break-in was so invasive, they said, that it was expected it would take weeks, if not months, to determine its scope, and far longer to expel the attackers.
“This was not a drive-by shooting on the information highway — this was a sniper round from somebody a mile away from your house,” said Kevin Mandia, CEO of the cybersecurity firm FireEye, whose company was the first to discover the breach.
Mandia, interviewed on CBS’ “Face the Nation,” called the methodology “utterly clandestine.”
Experts and government officials have determined that hackers last year sneaked into the networks of SolarWinds, a company in Austin, Texas, and dropped malware into a software update that was sent to more than 17,000 customers across the globe. Once government agencies and companies downloaded the update, the malware allowed the hackers to gain access to those systems, and to begin exploiting those backdoors nine months ago.
Even some GOP Trump allies who have studiously refrained from criticizing Trump for failing to point a finger at Russia urged a robust U.S. response.
“We need to have a forceful, effective, punishing response so people pay a price for this — think twice about doing it again,” said Sen. John Barrasso (R-Wyo.) on “Fox News Sunday.” Barrasso, the No. 3 Republican in the Senate, said the United States was “blindsided” by the hack.
Mixed messaging about the cyberattack from Trump and his senior aides is troubling, said Biden’s incoming chief of staff, Ron Klain.
“What we’ve heard is one message from the secretary of State, a different message from the White House,” Klain said on CBS’ “Face the Nation.” The U.S. position on the hack, he said, “should be coming in a clear and unambiguous voice.”
Biden, once in office, is “going to take steps as president to degrade the capacity of foreign actors to launch these kinds of attacks on our country,” Klain said.
But how to respond to the cyberattack is a matter of increasing debate. Romney, interviewed on CNN’s “State of the Union,” called for retaliation “of like magnitude or greater.”
But the recently fired chief of the Cybersecurity and Infrastructure Agency, Chris Krebs, counseled caution.
“I’d be very careful with escalating this,” said Krebs, also interviewed on CNN.
Krebs, who was dismissed by Trump for failing to back up the president’s unfounded claims of widespread election fraud, said “we need a conversation … among like-minded countries” as to what constitutes acceptable kinds of cyberespionage.
Other experts said the U.S. would have a difficult time justifying retaliation for a hack that was clearly related to espionage, not destruction. They noted the U.S. government routinely sneaked into other countries’ cyber networks to pilfer information.
“This is business as usual,” said Bruce Schneier, a cybersecurity expert and a lecturer at Harvard University. “The National Security Agency does this kind of thing all the time, and we are better at it.”
Moscow has denied involvement in the cyberattack. But Putin was reported on an official Russian website to have praised the SVR foreign intelligence service, which is suspected of having been behind the attack. The Russian leader, speaking at an event commemorating the role of Russia’s security services, did not mention the hacking accusations but hailed the SVR’s efforts as key to national sovereignty.
Krebs, in his CNN interview, acknowledged Russian skills at cyberespionage.
“They’re exceptionally good at this,” he said. “They’re quiet, they’re deliberate, they’re patient, and they’re careful.”
Outside experts concurred — and warned that the fallout would continue for a long time to come.
“We are just in the early innings of this,” said Dmitri Alperovitch, the former chief technical officer at CrowdStrike, a cybersecurity firm, who is now chairman of Silverado Policy Accelerator, a Washington-based think tank. “Due to the scale and size of this attack, and how good the Russians are at hiding themselves burrowing into networks, it is going to take these organizations many months to clean this up.”
This story originally appeared in Los Angeles Times.