Vladimir Putin has given his personal backing to the Russian intelligence agency accused of launching a massive cyberattack against the US government.
The Kremlin leader appeared at the headquarters of the SVR, Russian Foreign Intelligence Service, to mark its 100th anniversary on Sunday.
While not referring to hacking, Putin lauded the work of intelligence agents in protecting Russia on an annual holiday for the country’s intelligence officers.
A hatless Putin – himself a former KGB agent – stood in the freezing cold outside the SVR HQ to say: ‘I wish success to everyone who defends Russia, our people from external and internal threats, defends sovereignty and national interests.
‘And for whom the safety and well-being of the Motherland was, is and will be the main business of their entire life.’
He stressed: ‘The most serious attention should be paid to information security.’
Vladimir Putin gave his personal backing to Russia’s SVR foreign intelligence agency at an event commemorating its 100th anniversary on Sunday in Moscow (pictured). The event came days after the SVR was accused of launching a massive cyberattack against the US
Putin braved frigid temperatures to give his speech outside the SVR’s headquarters. ‘I wish success to everyone who defends Russia, our people from external and internal threats, defends sovereignty and national interests,’ he said
Putin praised young new staffers – believed to include many with skills in hacking – recruited to Russia’s foreign intelligence service.
‘I want to congratulate those who have recently chosen this fate for themselves, sometimes associated with considerable risk,’ he said.
Agents must ‘respond flexibly to the high dynamics of changes in the international situation and actively participate in identifying and neutralizing potential threats to Russia,’ he said.
In a temperature of around minus 1C (30F), Putin hailed the role of the former KGB during the Soviet era, when it was widely seen as responsible for multiple repressions, and the current role of his security organs in fighting terrorism.
‘Our common task is to confront any attempts to revise history, including silencing or distorting the role of our special services in the defeat of Nazism and, more generally, in ensuring the national security and national interests of our country,’ he said.
Putin spoke in support of the SVR as the vast agency is accused of being behind a vast data breach hacking the networks of government agencies, private companies and think-tanks for months.
The scale of the operation hitting 40 separate targets has shocked seasoned cyber experts with little doubt this was a huge state-level operation to penetrate sensitive US facilities.
A company called SolarWinds was hacked, permitting an open door into public and private sector computer systems.
SolarWinds is behind critical network monitoring software utilized both by the US government and many blue-chip American firms.
Putin’s spokesman denied Kremlin involvement in the attack, and the Russian embassy said in a statement that the country ‘does not conduct offensive operations in the cyber domain’.
Putin spoke in support of the SVR as the vast agency is accused of being behind a vast data breach hacking the networks of government agencies, private companies and think-tanks
GOVT AGENCIES KNOWN TO HAVE BEEN TARGETED BY HACKERS SO FAR
- Department of State
- Department of Homeland Security
- Commerce Department
- National Institutes of Health
- Department of Energy
- National Nuclear Security Administration
- Los Alamos National Laboratory
- Federal Energy Regulatory Commission
- Office of Secure Transportation
Earlier the Russian state media gleefully seized on President Donald Trump’s remarks playing down the role of Russia in the hacking.
The US president hit out at Secretary of State Mike Pompeo for blaming Russia for the huge cyber attack on the US in a tweet on Saturday.
Tagging Pompeo, Trump asserted that China was behind the unprecedented hack on US government agencies and private sector firms, after the secretary of state said on Friday that the Kremlin was to blame.
Russian state news agency TASS headlined a story in the wake of Trump’s comments: ‘White House cancels release of statement alleging Russia involvement in cyber attacks.’
Another state agency Sputnik also cited US sources as saying the US government ‘backs away’ from ‘blaming Russia’.
Sputnik also reported that Trump had ‘berated media outlets for excluding China’s potential involvement in the attack, which, he believes, might be the case’.
They also seized on the president’s claim that ‘the true scale of recent cyberattacks on US government agencies was greatly exaggerated’.
This followed Pompeo alleging ‘it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity’.
He also emphasized it was a direct and serious attack on the US government by Moscow.
He called it ‘a significant effort to use a piece of third-party software to essentially embed code inside of US government systems’.
US Secretary of State Mike Pompeo (pictured) blamed Russia for the attack on Friday
President Donald Trump hit out at Pompeo in a tweet on Saturday, downplaying the severity of the hack and shifting blame to China
Even before Pompeo’s comments, Russia was thought to be behind the attack.
Several private security companies said the breach bears the hallmarks of a Kremlin operation.
‘Cozy Bear’: The Russian hacker cell suspected in attack
Russia denies involvement in the SUNBURST attack, but US officials say the nation is behind the ‘Advanced Persistent Threat’ (APT) that carried out the audacious breach.
Sources say that one top suspect is APT29, the Kremlin-linked group also known as Cozy Bear.
Cozy Bear is best known as the group said to be responsible for the 2016 breach of the Democratic National Committee’s servers.
Experts believe that Cozy Bear operates as part of one of Russia’s intelligence agencies.
Some doubt the attribution of SUNBURST to Cozy Bear, through, noting that the tools used in the attack have never been seen before.
Some have pointed at the Russian hacking cell dubbed ‘Cozy Bear’ – though other experts argue that the tools and methods used in the new attack are different from any past breach, making attribution tricky.
The sprawling attack compromised multiple government agencies, as well as a growing list of companies and local governments across the country.
The two US agencies responsible for maintaining America’s nuclear weapons stockpile have already said they were compromised in the attack.
The attack also breached the Pentagon, FBI, Treasury and State Departments.
Other victims to fall foul of the attack include the Pima County, Arizona government and cable television company Cox Communications Inc, according to Reuters.
Microsoft said Friday it had already identified at least 40 government agencies and companies targeted by the hackers.
A heat map of infections released by the tech giant, which has helped respond to the breach, shows that those infiltrated by the hackers are spread out across the US with agencies, companies and think tanks in New York, Washington DC and Texas among the hardest hit.
Microsoft has not revealed the names of those infiltrated by the hackers but said nearly half were tech companies.
The UK, Israel, Canada and the United Arab Emirates were also caught in the cross hairs.
The breach was executed back in March and went undetected for nearly nine months fueling concerns over the full extent of intelligence and top-secret information that may have fallen into the wrong hands.
This heat map of infections created by Microsoft shows that those infiltrated by the hackers are spread out across the US
Trump’s comments brushing off the severity of the hack came in direct opposition to the concerns raised by top administration officials, politicians, tech giants and cybersecurity experts.
The Cyber security and Infrastructure Security Agency said the attack posed a ‘grave risk’ to ‘critical infrastructure’ in both the public and private sector, and at all levels of government.
‘CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,’ the agency said Thursday.
‘CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.’
The agency also warned the sophisticated attack was hard to detect and will be difficult to undo.
Trump had remained quiet on the attack until his tweet at Pompeo on Saturday which followed a report from CNN claiming that White House officials had prepared a statement blaming Russia and planned to release it Friday afternoon but were ordered not to.
Sources told the outlet that the statement said Russia was responsible but that the government could not yet rule out involvement from others.
They said they were not told why the statement was not released.
His silence did not go unnoticed with Democrats in Congress blasting Trump for failing to address the issue and demanding a harsh response on the perpetrators.
‘Our nation is under assault. This cyberattack could be the largest in our history. We don’t yet know the extent of the damage, but we know that we weren’t prepared & have our work cut out for us,’ Rep Jason Crow (D – Colorado) tweeted on Friday.
‘We can’t wait for leadership, we need it now. @realdonaldtrump, where are you?’
Crow also likened the attack to Pearl Harbour in a follow-up tweet: ‘The situation is developing, but the more I learn this could be our modern day, cyber equivalent of Pearl Harbor.’
In contrast to Trump, President-elect Joe Biden issued a statement Thursday about the attack where he vowed to make cybersecurity ‘imperative’ when he takes office and said he would not ‘stand idly by’.
‘I want to be clear: My administration will make cybersecurity a top priority at every level of government – and we will make dealing with this breach a top priority from the moment we take office,’ Biden said in a statement.
‘We will elevate cybersecurity as an imperative across the government, further strengthen partnerships with the private sector, and expand our investment in the infrastructure and people we need to defend against malicious cyberattacks.’
Biden’s team considers options on Russia hacking punishment
President-elect Joe Biden’s team will consider several options to punish Russia for its suspected role in the unprecedented hacking of US government agencies and companies once he takes office, from new financial sanctions to cyberattacks on Russian infrastructure, people familiar with the matter say.
The response will need to be strong enough to impose a high economic, financial or technological cost on the perpetrators, but avoid an escalating conflict between two nuclear-armed Cold War adversaries, said one of the people familiar with Biden’s deliberations, speaking on condition of anonymity.
The overarching goal of any action, which could also include stepped-up counter cyber espionage efforts, would be to create an effective deterrence and diminish the potency of future Russian cyber spying, the person said.
The unfolding crisis – and the lack of visibility over the extent of the infiltration into the computer networks of federal agencies including the Treasury, Energy and Commerce Departments – will push to the front of Biden’s agenda when he takes office on January 20.
President-elect Joe Biden’s team will consider several options to punish Russia for its suspected role in the unprecedented hacking of US government agencies and companies once he takes office, from new financial sanctions to cyberattacks on Russian infrastructure, people familiar with the matter say
President Donald Trump only acknowledged the hacking on Saturday almost a week after it surfaced, downplaying its importance and questioning whether the Russians were to blame.
The discussions among Biden’s advisers are theoretical at this point and will need to be refined once they are in office and have full view of U.S. capabilities.
Biden’s team will also need a better grasp of US intelligence about the cyber breach before making any decisions, one of the people familiar with his deliberations said. Biden’s access to presidential intelligence briefings was delayed until about three weeks ago as Trump disputed the November 3 election results.
With Trump taking no action, Biden’s team are concerned that in the coming weeks the president-elect may be left with only one tool: bluster, according to one of the people familiar with his options.
‘They’ll be held accountable,’ Biden said in an interview broadcast on CBS on Thursday when asked about how he would deal with the Russian-led hack. He vowed to impose ‘financial repercussions’ on ‘individuals as well as entities’.
The response could be an early test of the president-elect’s promise to cooperate and consult more effectively with US allies, as some proposals likely to be put before Biden could hit the financial interests or infrastructure of countries friendly to the United States, a person familiar with the matter said.
‘Symbolic won’t do it’ for any US response, said James Andrew Lewis, a cyber security expert at the Center for Strategic and International Studies, a Washington think tank. ‘You want the Russians to know we’re pushing back’
A spokeswoman for Biden’s transition team did not respond to a request for comment.
Reporting by Reuters