Trump breaks his silence on huge cyber attack and says China may be responsible not Russia

BREAKING NEWS: Trump breaks his silence on huge cyber attack and says China may be responsible – despite Pompeo saying it was Russia – and voting machines could have been hit – but claims it is not as serious as is being reported

  • Donald Trump finally addressed the massive hack on US government agencies and private sector firms for the first time Saturday 
  • The president tweeted Saturday just before noon to downplay the hack claiming it ‘is far greater in the Fake News Media than in actuality’ 
  • He also suggested China could be behind the attack instead of Russia
  • Secretary of State Mike Pompeo publicly blamed Russia for the attack Friday and there have been no reports of Beijing’s involvement 
  • Trump went on to repeat unfounded claims of election fraud saying ‘there could also have been a hit on our ridiculous voting machines during the election’  
  • Trump has remained silent on the issue until now 
  • The Pentagon, FBI, Treasury and State Departments have all been compromised
  • The attack has been described as the cyber equivalent of Pearl Harbor and experts say the extent of the breach may never be known 

Donald Trump has broken his silence over the huge suspected Russian cyber attack claiming that China could be responsible, despite Secretary of State Mike Pompeo publicly blaming Russia the day before. 

The president tweeted Saturday just before noon to downplay the hack which has compromised broad swathes of the federal government and private sector and has been described as the cyber equivalent of the attack on Pearl Harbor.  

Trump brushed off the hack claiming it ‘is far greater in the Fake News Media than in actuality’ and insisted that ‘everything is well under control’. 

He also once again pushed unfounded claims of widespread fraud in the presidential election, saying that voting machines could have been hacked.   

Donald Trump has broken his silence over the huge suspected Russian cyber attack claiming that China could be behind the attack, despite Secretary of State Mike Pompeo publicly blaming Russia the day before

Donald Trump has broken his silence over the huge suspected Russian cyber attack claiming that China could be behind the attack, despite Secretary of State Mike Pompeo publicly blaming Russia the day before

Donald Trump has broken his silence over the huge suspected Russian cyber attack claiming that China could be behind the attack, despite Secretary of State Mike Pompeo publicly blaming Russia the day before

Trump tweeted claiming that China could be behind the attack, despite Secretary of State Mike Pompeo publicly blaming Russia the day before

Trump tweeted claiming that China could be behind the attack, despite Secretary of State Mike Pompeo publicly blaming Russia the day before

Trump tweeted claiming that China could be behind the attack, despite Secretary of State Mike Pompeo publicly blaming Russia the day before

GOVT AGENCIES KNOWN TO HAVE BEEN TARGETED BY HACKERS SO FAR

  • Pentagon
  • Treasury
  • FBI 
  • Department of State 
  • Department of Homeland Security 
  • Commerce Department
  • National Institutes of Health
  • Department of Energy
  • National Nuclear Security Administration 
  • Los Alamos National Laboratory 
  • Federal Energy Regulatory Commission
  • Office of Secure Transportation 
Advertisement

‘The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control,’ he tweeted.

Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).’ 

Trump’s fresh attack on China comes as tensions have escalated between the two nations this year as the president has accused President Xi Jinping of a ‘cover-up’ of the pandemic and insists on calling coronavirus  ‘the China virus’.  

There have been no reports of any involvement of Beijing in the cyber attack and Trump provided no information or evidence as to why he thought China may be involved.  

He continued in a follow-up post claiming without evidence that voting machines may have been hacked and that he ‘won big’ in the election.

He also tagged Pompeo and Director of National Intelligence John Ratcliffe in his tweet in a clear sign that he disagrees with the assessments from two of his top officials that the breach is both ‘significant’ and orchestrated by the Kremlin. 

‘There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA. @DNI_Ratcliffe @SecPompeo.’

Twitter marked this tweet with a warning stating that ‘Election officials have certified Joe Biden as the winner of the U.S. Presidential election.’

His comments come just hours after Pompeo became the first US official to publicly attribute the massive hacking campaign to Russia.

‘There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems,’ Pompeo told The Mark Levin Show on Friday.

‘This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.’

Even before Pompeo’s comments, Russia was thought to be behind the attack. 

Donald Trump and China's President Xi Jinping. Trump hit out at China claiming the nation could be behind the attack

Donald Trump and China's President Xi Jinping. Trump hit out at China claiming the nation could be behind the attack

Donald Trump and China’s President Xi Jinping. Trump hit out at China claiming the nation could be behind the attack

Pompeo (pictured with his wife Susan) became the first US official to publicly attribute the massive hacking campaign to Russia Friday

Pompeo (pictured with his wife Susan) became the first US official to publicly attribute the massive hacking campaign to Russia Friday

Pompeo (pictured with his wife Susan) became the first US official to publicly attribute the massive hacking campaign to Russia Friday 

Several private security companies said the breach bears the hallmarks of a Kremlin operation. 

Some have pointed at the Russian hacking cell dubbed ‘Cozy Bear’ – though other experts argue that the tools and methods used in the new attack are different from any past breach, making attribution tricky. 

Russian President Vladimir Putin’s spokesman denied Kremlin involvement, and the Russian embassy said in a statement that the country ‘does not conduct offensive operations in the cyber domain.’  

Meanwhile, Ratcliffe on Wednesday issued a statement revealing that the breach on government agencies was ‘significant.’ 

‘This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,’ he said. 

Trump has remained quiet on the cyber attack until now. He posted a Christmas card with Melania Trump Friday but again provided no comment on the hack.

His silence did not go unnoticed with Democrats in Congress blasting Trump for failing to address the issue and demanding a harsh response on the perpetrators.  

‘Our nation is under assault. This cyberattack could be the largest in our history. We don’t yet know the extent of the damage, but we know that we weren’t prepared & have our work cut out for us,’ tweeted Rep. Jason Crow, a Colorado Democrat Friday.

‘We can’t wait for leadership, we need it now. @realdonaldtrump, where are you?’

Crow also likened the attack to Pearl Harbour in a follow-up tweet: ‘The situation is developing, but the more I learn this could be our modern day, cyber equivalent of Pearl Harbor.’   

This heat map of infections created by Microsoft shows that those infiltrated by the hackers are spread out across the US

This heat map of infections created by Microsoft shows that those infiltrated by the hackers are spread out across the US

This heat map of infections created by Microsoft shows that those infiltrated by the hackers are spread out across the US

In contrast to Trump, President-elect Joe Biden issued a statement Thursday about the attack where he vowed to make cybersecurity ‘imperative’ when he takes office and said he would not ‘stand idly by’.

‘I want to be clear: My administration will make cybersecurity a top priority at every level of government – and we will make dealing with this breach a top priority from the moment we take office,’ Biden said in a statement. 

‘We will elevate cybersecurity as an imperative across the government, further strengthen partnerships with the private sector, and expand our investment in the infrastructure and people we need to defend against malicious cyberattacks.’ 

While Trump attempted to brush off the severity of the hack, his comments come direct opposition to the concerns raised by top administration officials, politicians, tech giants and cybersecurity experts.  

The Cyber security and Infrastructure Security Agency said the attack posed a ‘grave risk’ to ‘critical infrastructure’ in both the public and private sector, and at all levels of government.

The agency also warned the sophisticated attack was hard to detect and will be difficult to undo. 

Senator Chris Coons, a Delaware Democrat, described the hack as an act of war telling MSNBC: ‘It’s pretty hard to distinguish this from an act of aggression that rises to the level of an attack that qualifies as war.’   

The sprawling attack compromised multiple government agencies, as well as a growing list of companies and local governments across the country. 

The two US agencies responsible for maintaining America’s nuclear weapons stockpile have already said they were compromised in the attack. 

The attack also breached the Pentagon, FBI, Treasury and State Departments. 

A spokesman for Russian President Vladimir Putin denied Russia was behind the attack

A spokesman for Russian President Vladimir Putin denied Russia was behind the attack

A spokesman for Russian President Vladimir Putin denied Russia was behind the attack

Microsoft said Friday it had already identified at least 40 government agencies and companies targeted by the hackers.  

A heat map of infections released by the tech giant, which has helped respond to the breach, shows that those infiltrated by the hackers are spread out across the US with agencies, companies and think tanks in New York, Washington DC and Texas among the hardest hit.   

Microsoft has not revealed the names of those infiltrated by the hackers but said nearly half were tech companies.  

The UK, Israel, Canada and the United Arab Emirates were also caught in the cross hairs. 

The breach was executed back in March and went undetected for nearly nine months fuelling concerns over the full extent of intelligence and top-secret information that may have fallen into the wrong hands.   

US officials on Friday revealed hackers had conducted a ‘dry run’ of their massive cyber attack more than a year ago.   

The hack involved a common software product made by Texas-based SolarWinds Corp, which is used by hundreds of thousands of organizations, ranging from government agencies to Microsoft and Fortune 500 companies. 

Trump posted this Christmas card photo on Friday with First Lady Melania as he continued to stay silent on the cyber attack

Trump posted this Christmas card photo on Friday with First Lady Melania as he continued to stay silent on the cyber attack

Trump posted this Christmas card photo on Friday with First Lady Melania as he continued to stay silent on the cyber attack

The hackers are believed to have targeted the company’s network management software Orion back in October 2019, five months before executing the full-scale breach in March. 

A version of Orion was tampered with around that time, however it did not contain the secret network backdoor – which authorities are calling SUNBURST – at the time, according to the CISA.   

SolarWinds, which disclosed its unwitting role at the center of the global hack on Monday, said up to 18,000 of its users downloaded a compromised update containing malicious code planted by the attackers.    

The true scale of who has been affected and what information has been stolen in the massive attack may never be known, officials and experts say. 

Experts say there simply are not enough skilled threat-hunting teams to properly identify all the government and private-sector systems that may have been hacked, and warn infected networks may have to be ‘burned to the ground’ and rebuilt from scratch. 

How hackers used legitimate software updates as camouflage for the ‘SUNBURST’ attack 

WHAT HAPPENED?

The hack began as early as March when malicious code was snuck into updates to popular software that monitors computer networks of businesses and governments. The malware, affecting a product made by U.S. company SolarWinds, gave elite hackers remote access into an organization’s networks so they could steal information. 

It wasn’t discovered until the prominent cybersecurity company FireEye determined it had been hacked. Whoever broke into FireEye was seeking data on its government clients, the company said – and made off with hacking tools it uses to probe its customers’ defenses.

Its apparent monthslong timeline gave the hackers ample time to extract information from a lot of different targets.

FireEye executive Charles Carmakal said the company was aware of ‘dozens of incredibly high-value targets’ compromised’ by the hackers and was helping ‘a number of organizations respond to their intrusions.’ 

He would not name any, and said he expected many more to learn in coming days that they, too, were infiltrated. 

WHAT IS SOLARWINDS? 

SolarWinds, of Austin, Texas, provides network-monitoring and other technical services to hundreds of thousands of organizations around the world, including most Fortune 500 companies and government agencies in North America, Europe, Asia and the Middle East.

Its compromised product, called Orion, accounts for nearly half SolarWinds’ annual revenue. The company’s revenue totaled $753.9 million over the first nine months of this year. 

Its centralized monitoring looks for problems in an organization’s computer networks, which means that breaking in gave the attackers a ‘God-view’ of those networks. 

HOW DID IT HAPPEN?

The US Cybersecurity and Infrastructure Security Agency on Thursday released an alert detailing what it knows about the breach, which has been called the biggest in US history.

CISA says that hackers were able to compromise the supply chain of network management software from SolarWinds, specifically recent versions of the SolarWinds Orion products. 

Beginning in March 2020, hackers used SolarWinds software updates to install a secret network backdoor, which authorities are calling SUNBURST.

The malicious code was signed by the legitimate SolarWinds code signing certificate. An estimated 18,000 customers downloaded the compromised updates.

Once installed on a network, the malware used a protocol designed to mimic legitimate SolarWinds traffic to communicate with a domain that has since been seized and shut down.

The initial contact domain would often direct the malware to a new internet protocol (IP) address for command and control. The attackers used rotating IPs and virtual private servers with IP addresses in the target’s home country to make detection of the traffic more difficult.

‘Taken together, these observed techniques indicate an adversary who is skilled, stealthy with operational security, and is willing to expend significant resources to maintain covert presence,’ CISA said in the alert.

CISA said that once inside a network, the hackers seemed focused on gathering information, and would frequently target the emails of IT and security staff to monitor any countermeasures.

Without offering further details, the agency warned that the hackers used ‘other initial access vectors beyond SolarWinds Orion,’ meaning even groups that do not use the network software could be compromised.

 

Advertisement

Advertisement

Loading

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow by Email
Pinterest
LinkedIn
Share