AP: Hack against US is ‘grave threat,’ cybersecurity agency says

cont’d

The intentions of the perpetrators appear to be espionage and gathering information rather than destruction, according to security experts and former government officials. If so, they are now remarkably well situated.

Thomas Bossert, a former Trump Homeland Security adviser, said in an opinion article in The New York Times that the U.S. should now act as if the Russian government had gained control of the networks it has penetrated. “The actual and perceived control of so many important networks could easily be used to undermine public and consumer trust in data, written communications and services,” he wrote.”

Members of Congress said they feared that taxpayers’ personal information could have been exposed because the IRS is part of Treasury, which used SolarWinds software.

Tom Kellermann, cybersecurity strategy chief of the software company VMware, said the hackers are now “omniscient to the operations” of federal agencies they’ve infiltrated “and there is viable concern that they might leverage destructive attacks within these agencies” in reaction to U.S. response.

Among the business sectors scrambling to protect their systems and assess potential theft of information are defense contractors, technology companies and providers of telecommunications and the electric grid.

A group led by CEOs in the electric power industry said it held a “situational awareness call” earlier this week to help electric companies and public power utilities identify whether the compromise posed a threat to their networks.

And dozens of smaller institutions that seemed to have little data of interest to foreign spies were nonetheless forced to respond to the hack.

The Helix Water District, which provides drinking water to the suburbs of San Diego, California, said it provided a patch to its SolarWinds software after it got an advisory the IT company sent out about the hack to about 33,000 customers Sunday.

“While we do utilize SolarWinds, we are not aware of any district impacts from the security breach,” said Michelle Curtis, a spokesperson for the water district.

I said 3 weeks ago that trump stirring up all this bullshit about the election was putting National Security in danger

R2 And the odious retarded bastard has yet to mention any of this or to condemn Russia, preferring to drone on and on about his imaginary win and psychotic conspiracy theories.

"Not my problem!" said Trump, golfing

This is really fucked up!!!

"Why hasn't this President spoken out against the Russians and what they have done? They've compromised our basic national security and the depths of it, we still don't know," Sen. Durbin says of Pres. Trump's lack of response to the Russian hack

Wait, if Russia did it to the US, can’t we assume we’ve done the same right back to their systems and infrastructure? It’s not like our spy hackers aren’t as good as theirs, right?

Sort of a mutually-assured destruction thing?

OTOH, we are (or were) a first world country, so the destruction over here wd be more crippling than over in the former USSR.

Thots?

Wonderful:

[quote] Nuclear weapons agency breached amid massive cyber onslaught

[quote]Hackers accessed systems at the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile.

Buttery Males. She can't be trusted with classified info!

Did you read that SolarWinds' password was SolarWinds123? I did, but now I forget where.

From Twitter:

Russia attempts to murder pro-democracy Navalny

Russia attempts to hack our election systems

Russia puts a bounty on our US soldiers heads

Russia successfully hacks US Government computer systems

Dump remains absolutely silent each and every time.

I can't wait for Biden to get into office. I think a little payback is in store.

Remember when Trump and Pompeo (when he was at the CIA) hosted the Russians in 2018 ?

U.S. intelligence officials met with Sergey Naryshkin, the head of Russia’s foreign intelligence agency, known as the SVR

THEY INVITED THEM INTO OUR HOUSE

R13 Interesting.

And once again the steaming pile of traitorous shit that is the Republican Party is completely fucking silent.

We must have either the most inept fucking intelligence department on the planet or the most traitorous.

These motherfuckers have done nothing but stupid shit since 2016.

The media should be focusing on this and questioning them all.

This is war. It needs to be acknowledged as such. Hopefully Biden will call it as it is.

I have no doubt that Trump gave Putin the key to the city. He sold us down the river. I hope Trump spends the rest of his life in jail.

r14...It was widely reported at the time...just google "Pompeo meets with Russians at CIA" and you'll have numerous hits...as well as Pompeo lying his ass off about it.

Here's one...

Even Romney is chiming in:

[quote] Mitt Romney to SiriusXM on the Russia hack: "Our national security is extraordinarily vulnerable. And, in this setting, to not have the White House aggressively speaking out and protesting and taking punitive action is really, really quite extraordinary."

[quote] Can the Russia hack finally put the lie to the claim “no one’s been tougher on Russia than Trump”? What Russian aggressive action has Trump admin policy successfully deterred?

Romney needs to sit his ass down. Hes the male Susan Collins...always concerned but never does anything about it and even votes for it. Remember, according to the GOP, Trump and Russia is a hoax and a witch hunt. All this shit happened in front of their faces and they did NOTHING...which is COMPLICITY...and it was all widely reported...its all out there in the open.

[quote] No statement, no tweet, nothing from @marcorubio on Russia hack of Federal agencies

[quote]As Chair of Senate Intelligence his silence=complicity

He's too busy clutching his pearls because Jen O'Malley Dillon accurately described him and his ilk with a dirty word.

That's what we get when we have a psycho President wanting all of his administration to join him in obsessively focusing on a fraud reelection scandal while other governments and terrorist organizations look for chances to take advantage and commit these acts while his and his cronies' are distracted.

Seems like Putin is taunting Trump, making him sit in a corner with his trap shut, because if Trump opens his mouth even a peep, Putin will swat him like a fly and we'll all find out what ol' Vlad has been using for leverage these past four years.

Inside the big hack: Suspected Russia hackers used incredible tradecraft to spy on just about everyone in a campaign broader than just SolarWinds that may stretch back years. How they did it, and how FireEye caught them:

[quote] I cannot underscore enough how serious and widespread this Russian hack appears to be. As more info seeps out, I fear we are going to learn that Russia has gained access to a tremendous amount of info about our government and corporations. This requires an aggressive response.

[bold]Trump remains silent as massive cyber hack poses 'grave risk' to government[/bold]

(CNN) When President Donald Trump convened his Cabinet at the White House Wednesday as Washington absorbed news of a massive data breach, the heads of most agencies relevant to the intrusion — including the Department of Defense, the State Department, the Justice Department, the director of national intelligence and the Central Intelligence Agency — were absent.

After the meeting, Trump said nothing about the attack, which went undetected by his administration's intelligence agencies for months. As those agencies now mobilize to assess the damage — which the government said Thursday could be more widespread than initially thought, posing a "grave risk to the federal government" — the President himself remains silent on the matter, preoccupied instead with his election loss and his invented claims of widespread voter fraud.

The massive data breach, revealed in the final weeks of Trump's administration, amounts to a dramatic coda for a presidency clouded by questions of deference to Russia and unsuccessful attempts to warm relations with its President, Vladimir Putin. Just as he has largely ignored the latest surge in coronavirus cases, Trump appears to have all but abdicated responsibility in his final weeks in office.

The White House has not listed an intelligence briefing on the President's daily schedule since early October, though officials say he is regularly briefed on intelligence even when a formal briefing doesn't appear on his calendar and a senior White House official told CNN that Trump was briefed on the hack by his top intelligence officials on Thursday.

Biden briefings

Members of President-elect Joe Biden's staff were also briefed by officials on the massive intrusion, an official from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency said. Biden himself has also been given details in his daily classified briefing, which has been listed on his public schedule each day this week.

"Our adversaries should know that, as President, I will not stand idly by in the face of cyber assaults on our nation," Biden said in a statement on Thursday, making no specific mention of Trump or his administration, but also not naming Russia as the culprit.

The wide-ranging and extraordinary intrusion by suspected Russian hackers of US government systems has launched a technical soul-searching mission among the government's leading cyber officials and outside experts over how this months-long, ongoing cyber campaign managed to go undetected for so long.

It wasn't until Wednesday night that the US government formally acknowledged that the ongoing cyber campaign was still active. The revelation comes at a particularly fraught time during a divisive presidential transition and after an election that had been, by all accounts, free of foreign interference.

It's unclear when, if at all, Trump may have been briefed on the latest hack. Nor is it clear how engaged Trump has been in responding. He has left all public responses to members of his Cabinet and administration. And despite a healthy pace of tweets about the election results and his false claims of voter fraud, he has not issued any message about the hack.

Sen. Mitt Romney, a Utah Republican who has been a frequent Trump critic, said Thursday it was "stunning" Trump had not responded yet.

"I think the White House needs to say something aggressive about what happened," Romney said. "This is almost as if you had a Russian bomber flying undetected over the country, including over the nation."

Trump's national security adviser Robert O'Brien did cut short a trip to Europe to return to Washington for urgent meetings on the hack earlier this week, and the White House has convened daily discussions with national security agencies related to the intrusion, according to people familiar with the matter.

The House and Senate Intelligence Committees were briefed on the issue Wednesday, but lawmakers have since made clear that there are still more questions than answers.

"(The) dirty fact is most entities don't know they've been hacked," Rep. Mike Quigley, a Democrat from Illinois who serves on the House Intelligence Committee, told CNN Thursday.

Senate Republicans on Thursday said they didn't see an issue in Trump's silence while his administration works to get to the bottom of the matter.

"There's still information gathering occurring, so I'd caution anyone reaching conclusions or making pronouncements until all that is in," said Senate Intelligence Chairman Marco Rubio. "I think there's a lot that still needs to be learned about it. I would caution anyone from speaking out too much about something when there's still a lot of facts being gathered.

'A very big deal'

Sen. Josh Hawley, who sits on Senate Armed Services, says he hasn't been briefed on the hack. "I'm fine with what they said publicly," he said of the administration. "It's a very big deal. And we certainly need to learn more ... I'm really concerned about it."

Asked if Trump should address this publicly, Hawley said: "I think the most important thing is to get report out and let us know the extent of the breach is. They may be trying to figure that out."

While Trump has not said anything about the attack, his former homeland security adviser Tom Bossert urged the President in an op-ed to formally attribute responsibility and, if Russia is confirmed behind it, "make it clear to Vladimir Putin that these actions are unacceptable."

Trump is also threatening to veto the National Defense Authorization Act over a provision requiring renaming of military bases named for Confederate leaders and because he wants a provision added to reform liability laws for social media companies like Twitter. The defense policy bill includes provisions that would help the US government address cyber threats.

"We have provisions in the bill that he needs in case the hacking, the cyber threats that are out there," Senate Armed Services Chairman Jim Inhofe said of Trump and the NDAA, which he has shepherded. But Inhofe, who has been briefed on the hack, said he wouldn't criticize Trump for failing to speak out.

Sen. Tim Kaine, a Democrat on the panel, also hasn't been briefed yet but said he is trying to set one up for himself for Friday.

"I think he should, but frankly I don't think he will," Kaine said when asked if Trump should address it forcefully. "I don't think we will probably get a straight answer about the depths of this and what we need to do counter it until the new administration is in place."

As the contours of the data breach are still coming into view, the incident underscores how little Trump's efforts to court Putin have done to improve relations with Moscow over the past four years. Even as he frustrated his own advisers by delaying punitive measures and attempting to befriend his Russian counterpart, Trump ends his term confronted with one Russia's most brazen attempts to date at infiltrating American systems.

That is much like how Trump began his presidency, when American intelligence agencies assessed Russia had worked to influence the 2016 presidential election on Trump's behalf. The President's unwillingness to confront Russia on that front, or issue any warnings to Putin to not do interfere again, have fueled the impression among his critics that he is soft on Putin.

A tweet Trump issued in 2017, following his first meeting with Putin on the sidelines of a G7 meeting in Hamburg, has now come to exemplify the naiveté with which many in Congress and even inside the administration say Trump approached Russia.

"Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded," he wrote then, an idea that was mocked at the time and never came to fruition.

While Putin was one of the last world leaders to recognize Biden as the victor of the US election, he did finally acknowledge the President-elect's win this week, saying in a message he was "ready for contacts and interactions with you."

"We need an honest reset in terms of relationships between the United States and Russia," Sen. Richard Durbin, D-Illinois, said on Wednesday. "We can't be buddies with Vladimir Putin and have him at the same time making this kind of cyber attack on America. This is virtually a declaration of war by Russia on the United States, and we should take it that seriously."

Silence

It wasn't only election meddling that failed to draw condemnation from the President; he did not raise with Putin the issue of Russia placing bounties on US soldiers in Afghanistan when he spoke to him over the summer — another issue that Trump claimed was never contained in his intelligence briefings, even though officials said it was included a written briefing from February.

After multiple US troops were injured in Syria after what the Pentagon described as "deliberately provocative and aggressive behavior" by Russian forces, Trump did not respond. And in October, even after the EU and United Kingdom sanctioned six top Russian officials close to Putin for the poisoning of Russian opposition leader Alexei Navalny, Trump did not.

In his book published after leaving the White House on poor terms with Trump, former national security adviser John Bolton wrote the President privately complained about sanctions and other punitive measures imposed on Russia.

Bolton listed a bevy of administration actions against Russia, saying Trump "touted these as major achievements, but almost all of them occasioned opposition, or at least extended grumbling and complaining, from Trump himself."

Perpetually frustrated by what he called the "Russia hoax," Trump has accused his opponents of trying to stymie good relations with Moscow as they sought to investigate links between his campaign and Russian election interference.

So annoyed has Trump become at mention of Russian misdeeds that, in the past, he has resisted intelligence warnings about Russia, leading members of his national security ream — including those who delivered the President's Daily Brief — to brief him less often on Russia-related threats to the US, multiple former Trump administration officials have told CNN.

When his oral intelligence briefing included information related to Russia's malign activities against the United States, Trump often questioned the intelligence itself.

CNN's Alex Marquardt, Zachary Cohen, Brian Fung, Jennifer Hansler and Kaitlan Collins contributed to this report.

It's China, you retards.

Russia!

It must be Russia!!!

JFC you people are tiresome.

But Vlad and me were gonna work on security together!!!

R34 Do you have more information than federal authorities, asshole?

Sanction Russia back to the middle ages

R33/R34 The tiresome retard is Dump and its ilk.

Putin assures me that Russia didn't hack our computers. It wasn't Russia. It could have been a 300-pound guy in his basement.

Go back to FOX News, R33/ 34. With their Chinese obsession and inability to see re as little in regards to Trump, COVID, Russia, the election results, etc. Or better yet, take your shitty ass 'proof' it was China and talk to the FBI and CIA. Their the ones who have seen the mother fuckin evidence and say it's the damn RUSSIANS.

*to see reality

The Tramp has trampled on our nation’s values and extolled hatred and avarice.

I think this has been going on for four years. The only reason we know about it now is that Biden is now getting the intelligence briefings. Of course, it was an easy hack. Trump and Pompeo gave them all the passwords and then had the NSA order everyone from the highest goverment office to every contractor who was hacked to remain silent. There is no surprise here. They should be put to death for treason.

Incredible.

What are the chances that these hacks are helping the Repugs cover up their crimes by purging the incriminating evidence from all the government agencies and contractors?

Jesus, it really is just one bad thing after another this year, isn't it?

You are really fucking stupid if you think Russia and not china is responsible. Russia is a pissant nothing country with no power. Meanwhile china is taking over the fucking planet. Morons

R47 And yet, whether it was China or Russia who hacked our government, it happened under this president’s watch, and has still gone unaddressed by this president, his staff, and his supporters.

Additionally, I don’t but the whole “Trump is tough on China” bit, either, especially considering that he has a bank account in China and paid more taxes to that country’s government ($188,561 to be precise) than he did to his own {$750!).

Everything about Dump is a lie, con, crime, insult, and assault. Save your bullshit and deflection for someone else.

*don’t [bold]buy[/bold] the whole “Trump is tough on China” bit

[bold] With Trump silent, reprisals for hacks may fall to Biden[/bold]

WASHINGTON (AP) — All fingers are pointing to Russia as the source of the worst-ever hack of U.S. government agencies. But President Donald Trump, long wary of blaming Moscow for cyberattacks, has so far been silent.

The lack of any statement seeking to hold Russia responsible casts doubt on the likelihood of a swift response and suggests any retaliation — whether through sanctions, criminal charges or cyber actions — will be left in the hands of President-elect Joe Biden’s incoming administration.

“I would imagine that the incoming administration wants a menu of what the options are and then is going to choose,” said Sarah Mendelson, a Carnegie Mellon University public policy professor and former U.S. ambassador to the U.N.’s Economic and Social Council. “Is there a graduated assault? Is there an all-out assault? How much out of the gate do you want to do?”

To be sure, it’s not uncommon for administrations to refrain from leveling public accusations of blame for hacks until they’ve accumulated enough evidence. Here, U.S. officials say they only recently became aware of devastating breaches at multiple government agencies in which foreign intelligence agents rooted around undetected for as much as nine months. But Trump’s response, or lack thereof, is being closely watched because of his preoccupation with a fruitless effort to overturn the results of last month’s election and because of his refusal to publicly acknowledge that Russian hackers interfered in the 2016 presidential election in his favor.

Exactly what action Biden might take is unclear, or how his response might be shaped by criticism that the Obama administration did not act aggressively enough to thwart interference in 2016. He offered clues in a statement Thursday, saying his administration would be proactive in preventing cyberattacks and impose costs on any adversaries behind them.

U.S. government statements so far have not mentioned Russia. Asked about Russian involvement in a radio interview Monday, Secretary of State Mike Pompeo acknowledged that Russia consistently tries to penetrate American servers, but quickly pivoted to threats from China and North Korea.

Democratic Sens. Dick Durbin and Richard Blumenthal, who were briefed Tuesday on the hacking campaign in a classified Armed Services Committee session, were unequivocal in blaming Russia.

There are other signs within the administration of a clear-eyed recognition of the severity of the attack, which happened after elite cyber spies injected malicious code into the software of a company that provides network services. The civilian cybersecurity agency warned in an advisory Thursday that the hack posed a “grave risk” to government and private networks.

A response could start with a public declaration that Russia is believed responsible, already a widely shared assessment in the U.S. government and cybersecurity community. Such statements often aren’t immediate. It took weeks after the incidents became public for the Obama administration to finger North Korea in the Sony Pictures Entertainment hack in 2014 and for then-national intelligence director James Clapper to confirm China as the “leading suspect” in hacks of the Office of Personnel Management.

Public naming-and-shaming is always part of the playbook. Trump’s former homeland security adviser Thomas Bossert wrote this week in a New York Times opinion piece that “the United States, and ideally its allies, must publicly and formally attribute responsibility for these hacks.” Republican Sen. Mitt Romney said in a SiriusXM radio interview that it was “extraordinary” the White House has not spoken out.

Another possibility is a federal indictment, assuming investigators can accumulate enough evidence to implicate individual hackers. Such cases are labor-intensive and often take years, and though they may carry slim chances of courtroom prosecution, the Justice Department regards them as having powerful deterrent effects.

Sanctions, a time-honored punishment, can have even more bite and will almost certainly be weighed by Biden. President Barack Obama expelled Russian diplomats over the 2016 election interference, and the Trump administration and Western allies took similar action against Moscow for its alleged poisoning of an ex-intelligence officer in Britain.

Exposing Kremlin corruption, including how Russian President Vladimir Putin accrues and hides his wealth, may amount to even more formidable retaliation.

“This isn’t just a tit-for-tat or hacking back into their systems,” said Mendelson, the former ambassador. “It’s, ‘We’re going to go for what you really care about, and what you really care about is the funds that are stashed, and revealing the larger network and how it’s connected to the Kremlin.’”

The U.S. can also retaliate in cyberspace, a path made easier by a Trump administration authorization that has already resulted in some operations.

Former national security adviser John Bolton told reporters at a 2018 briefing that offensive cyber operations against foreign rivals would now be part of the U.S. arsenal and that the U.S. response would no longer be primarily defensive.

“We can totally melt down their home networks,” said Jason Healey, a Columbia University cyberconflict scholar. “And any time we see their operators popping up they know that we are going to go after them, wherever they are.”

U.S. Cyber Command has also taken more proactive measures, engaging in what officials describe as “hunt forward” operations that let them detect cyber threats in other countries before they reach their intended target. Military cyber fighters, for instance, partnered with Estonia in the weeks before the U.S. presidential election in a joint operation aimed at identifying and defending against threats from Russia.

While the U.S. is also prolific in its offensive cyberintelligence-gathering — tapping allied foreign leaders’ phones and inserting spyware into commercial routers, for instance — such efforts are measured compared to the infection of 18,000 government and private-sector organizations in the SolarWinds hack, Healey said.

The better response — since espionage itself is not a crime — is to triple down on defensive cybersecurity, Healey said.

David Simon, a cybersecurity expert and former Defense Department special counsel, said there must be consequences for those who responsible for attacks — and the Trump administration “has fallen far short in holding the Kremlin accountable.”

“Until it’s clear the U.S. will impose meaningful costs on adversaries,” he said in an email, “a material change in the Kremlin’s behavior is not likely to be seen.”

This did happen under trumps watch and it's a fucking disaster r48. A massive fuckup that will be exploited and I don't wanna imagine the repurcussions

R52 I hear ya. The fact that he has yet to mention this and is instead choosing to focus on an election that he lost nearly two months ago is both telling and totally irrefuckingsponsible. God, I can’t wait until he’s gone.

I doubt Trump had a bunch of employees in multiple agencies remain silent, but I do think he simply failed to fill those jobs, or had employees report to a handful of supervisors and directors who were happy to help cover for Trump. These lackeys would promise the few employees who noticed there was some kind of security problem that it was being looked at and then not do anything about it. That alone would stall things for months.

Frankly, I'm just happy that the hackers are Russians and not Iranians. Being so close to January 20th, for once we can perhaps be thankful for President Bone Spurs' lard-assed preponderance for inaction, rather than worry about his more bellicose impulses.

[bold]Suspected Russian hack is much worse than first feared: Here's what you need to know[/bold]

KEY POINTS

-The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."

-CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.

-It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.

[bold] Lawmakers ask whether massive hack amounted to act of war[/bold]

Russia is such a fucking garbage dump of a country.

Is it too late to impeach him again?

Axios is reporting Trump plans to roll out his first wave of pardons later today...

This just keeps getting more idiotic.

"Butter emails", while nothing is said about Jarvanka still using their personal emails to conduct federal business. Under security clearances from dad, since the FBI wouldn't approve them.

The USDA is among the agencies breeched, just when our IT departments were downsized, then consolidated to a central unit that would be "more efficient" . Of course it's not, and we lost a number of skilled specialists who didn't want to relocate.

Oh no, Russian election tampering proven!

R36

Are dumb enough to believe Russian hackers selected Trump?

Is that you, Super Patriot at R63? You sound testy! Why? God is in control, buddy! Q says relax!