WASHINGTON (AP) – Federal authorities raised more alarm on Thursday about an intrusion into US and other computer systems around the world, which officials suspect was carried out by Russian hackers. The national cybersecurity agency warned of a “serious” risk to government and private networks.
The Cybersecurity and Infrastructure Security Agency said in its most detailed comments to date that the intrusion had compromised both federal agencies and “critical infrastructure” in a sophisticated attack that was difficult to detect and undo.
CISA has not said what agencies or infrastructure had been breached or what information was obtained in an attack that it previously said appeared to have started in March.
“This threat actor has shown sophistication and complex trading in these breaches,” the agency said in its unusual warning. “CISA expects that removing the threat actor from compromised environments will be very complex and challenging.”
President Donald Trump, whose administration has been criticized for eliminating a White House cybersecurity adviser and downplaying Russian interference in the 2016 presidential election, has made no public statements about the breach.
President-elect Joe Biden said he would make cybersecurity a top priority for his administration, but stronger defense is not enough.
“We need to disrupt and deter our opponents from launching any major cyber-attacks at all,” he said. “We will do this, among other things, by imposing substantial charges on those responsible for such malicious attacks, including in coordination with our allies and partners.”
The cybersecurity agency previously said the perpetrators had used network management software from Texas-based SolarWinds t o infiltrate computer networks. The new warning said the attackers may have used other methods as well.
Over the weekend, amid reports that the Treasury and Commerce divisions had been breached, CISA ordered all federal government civil agencies to remove SolarWinds from their servers. The cybersecurity agencies of Great Britain and Ireland have issued similar warnings.
A US official previously told The Associated Press that hackers were suspected in Russia, but neither the CISA nor the FBI have publicly said who is held responsible. When asked if Russia was behind the attack, the official said, “We think so. We haven’t said that publicly yet because it’s not 100% confirmed. ”
Another US official, who spoke on condition of anonymity on Thursday to discuss a case under investigation, said the hack was serious and extraordinarily damaging, although the government was not ready to blame anyone publicly.
“This looks like it is the worst hacking case in America’s history,” the official said. “They got into everything.”
The official said the administration assumes that most, if not all, government agencies had been compromised, but the extent of the damage was not yet known.
_____
Associated Press writer Matthew Lee contributed.