US intelligence agencies warn large-scale cyber attack ‘ongoing’

U.S. intelligence and security agencies have warned that the cyber-attack on government and companies announced at the weekend was “continuing” as Washington scrambled to find out the extent of the attack. damage.

The FBI, director of national intelligence and the Cybersecurity and Infrastructure Security Agency, said in a statement that they had formed an action group to respond to the vicious attack, which they described as “an important and ongoing cyber security campaign”.

“This is a developing situation, and whilst we will continue to work to realize the full potential of this initiative, we know that this compromise has had an impact on networks across the board. the federal government, ”the groups said.

Cyber ​​security experts are trying to determine the extent of the damage caused by the attack, which continued for months until it was discovered by FireEye, a cyber security company that also suffered the hockey campaign.

The hackers in March began installing malware in software updates that SolarWinds, an IT company, sent to government and private messengers that use their Orion software to manage their networks.

FireEye, SolarWinds and some U.S. officials have blamed “nation-state” spies for the breach. Secretary of state Mike Pompeo apparently fired Russia in response to a question about the hack on Monday, saying there had been “consistent” efforts by Moscow to try to gain access to the U.S. government. US and private sector networks.

Richard Blumenthal, the Democratic senator from Connecticut, also appeared at Russia on Wednesday after he and other members of Congress received a scheduled briefing from intelligence officials about the hack.

“Today’s preparedness meeting on the Russian cyber attack made me very scared, in fact I am very scared,” Mr Blumenthal wrote on Twitter. “Americans deserve to know what’s going on. Express what is known and unknown. “

Robert O’Brien, the White House’s national security adviser, made a brief trip to Europe on Tuesday to return to Washington to address the situation.

Security experts warned that the scale and luxury of the attack made it impossible to determine the extent of the damage.

Theresa Payton, former White House chief information officer and chief cyber security consulting officer Fortalice Solutions, said the hack was “a major challenge” for the incoming Biden administration as officials considering the amount of data stolen and what the hackers would want to use the information for.

Experts believe the hack is one of the most aggressive attacks on the U.S. government since China entered a government agency that holds personnel information, including sensitive data related to handing out security clearances, to millions of U.S. federal government employees.

SolarWinds said it estimated that “less than 18,000” of its customers had downloaded the infected software updates.

Earlier this week, Microsoft said that the hackers behind the latest attack could be other users within networks, giving them access to highly secure accounts.

But SolarWinds has said the breaches they found were due to manual, custom attacks – meaning the hackers may not have hacked everyone who was exposed. FireEye said Wednesday it had identified a killer turnaround that could stop the attackers from fattening within networks.

Lean Demetri Sevastopulo and Hannah Murphy on Twitter

Daily newsletter

#TechFT brings you news, views and analysis of the major companies, technologies and issues that are shaping this fastest movement of segments from established experts around the world. Click here for #techFT in your inbox.