Unlike Pompeo, Trump clearly does not blame the Russians for the cyber attack
In a recent statement, the cyber security agency CISA referred to the incident as the work of an APT-type group, an acronym for state-sponsored cybercriminals. However, many analysts have spoken in recent days about a likely Russian action.
"It was a very important campaign and I think we are now in a situation where we can say quite clearly that these activities were carried out by the Russians,"
Pompeo said. "I can't tell you much more, because we're still analyzing exactly what it's all about," the head of diplomacy quoted NBC News.
Whenever something happens, suspicion falls on Russia. It could have been China, but this possibility is not talked about "mainly for financial reasons", Trump wrote on Twitter today, contrary to the words of the head of American diplomacy, who commented on the case for the first time. The president also downplayed the scale and impact of the cyber attack. According to him, the attack in the "lying media" is described as much more extensive than it actually is. "I was fully informed and everything is under control," he added.
According to the media, it is clear that the attack affected a number of federal government institutions. First, Reuters reported last Sunday on an attack on the Ministry of Finance, and in the following days the list was expanded to include the Ministries of Trade, Internal Security, Foreign Affairs and Defense. Referring to its sources, Politico said on Thursday that hackers also entered the networks of the Department of Energy and the National Bureau of Nuclear Safety (NNSA), which manages US nuclear weapons. In addition, dozens of companies from different countries are likely to be victims.
The perpetrators did not attack these targets directly, but through the network monitoring software used by all these organizations. The tool from the American company SolarWinds was apparently infected in the spring, so hackers were probably able to monitor the communication of employees of the American government or large corporations for several months. In the same way, for example, they could build "secret doors" in the disrupted networks for later access.
"This APT-type actor has shown patience, operational confidence, and comprehensive skills in this intrusion," Pompeo said. The exact motive for the attack is unknown, as is whether the threat has already been averted. The accumulation of damages could take months.
In behind-the-scenes statements, U.S. officials attribute the cyber operation to Russian civilian intelligence, abbreviated SVR. Kremlin spokesman Dmitry Peskov denied on Monday that
Moscow had anything to do with the attack.