Tami Chappell/AFP via Getty Images
Since news of the SolarWinds hack surfaced nearly a week ago, high-ranking Trump administration officials have remained largely silent about the cyberattack that involved at least half a dozen federal agencies. On Friday, Secretary of State Mike Pompeo broke that silence, becoming the most prominent administration official to blame Russia for the attack.
“This was a very significant effort,” Pompeo told the The Mark Levin Show, “and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”
“We’re still unpacking precisely what it is, and I’m sure some of it will remain classified,” Pompeo said. “But suffice it to say, there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and, it now appears, the systems of private companies and governments across the world, as well.”
Pompeo’s comments represent the farthest the Trump administration has been willing to go so far in publicly attributing the hack to Russia. President Trump himself has not mentioned the suspected attack, which operated undetected for months and reportedly hit multiple government agencies, including the State Department, the Pentagon, the Treasury Department and the Department of Homeland Security.
SolarWinds, the IT company whose product was targeted in the hack, said that nearly 18,000 of its customers received a software update tainted with malware, beginning in March. The malicious code operated as a kind of Trojan horse, enabling hackers to stealthily access the systems of the affected agencies and companies.
The Cybersecurity and Infrastructure Security Agency on Thursday acknowledged that the cyberattack “poses a grave risk” to federal, state and local governments across the country — but refrained from directly attributing blame.
Unlike Trump, who has maintained silence on the situation, lawmakers from both sides of the aisle have made it clear that they believe the Kremlin is behind what they are calling a “significant, sophisticated, and ongoing cybersecurity intrusion.”
Russia, for its part, has denied playing a role in the operation.
In a joint statement on Thursday, the two highest-ranking members of the Senate Armed Services Committee said the attack “has the hallmarks of a Russian intelligence operation.” In their statement, Sens. Jim Inhofe, R-Okla., and Jack Reed, D-R.I., called upon the U.S. government to “do everything possible to counter it” — something several other lawmakers have criticized the Trump administration for not doing.
“An incident of this magnitude and lasting impact requires an engaged and public response by the U.S. government, led by a President who understands the significance of this intrusion and who is actively marshaling a domestic remediation strategy and an international response,” Sen. Mark Warner, D-Va., vice-chairman of the Select Committee on Intelligence, said in a statement released Friday.
“It is extremely troubling that the President does not appear to be acknowledging, much less acting upon, the gravity of this situation,” he added.
The criticism has come not just from Democrats, but from members of Trump’s own party, as well. One day before Warner’s statement, Sen. Mitt Romney of Utah also called out what he called “inexcusable silence and inaction from the White House.”
“The cyber hack,” he said, “is like Russian bombers have been repeatedly flying undetected over our entire country.”
Asked about the criticism, Pompeo suggested that Trump had maintained his silence so as not to interfere with investigations into the incident.
“I saw this in my time running the world’s premier espionage service at the CIA. There are many things that you you’d very much love to say, ‘Well, I’m going to call that out,’ ” the secretary of state said. “But a wiser course of action to protect the American people is to calmly go about your business and defend freedom.”