Cyberattack on US nuclear interests is not ‘espionage as usual’, experts warn

The Russian government has been accused of carrying out the attack on the US energy department

Kim Sengupta
Defence Editor
Friday 18 December 2020 20:56 GMT
Comments
<p>Getty</p>

Getty

Leer en Español

The scale and scope of what has been described as the worst ever cyber offensive on America has been staggering, with targets ranging from the Treasury to the body safeguarding the nuclear stockpile, and one that has been going on undetected for at least nine months.

Seven other countries - Britain, Canada, Mexico, Belgium, Spain, Israel and the UAE - have also been hit, with the list expected to expand. Microsoft, which found malicious infiltration into its system through the software SolarWind stated that “it’s certain that the number and location of victims will keep growing”.

The Russian government has been suspected of carrying out the operation, which was aimed more than 80 per cent at the US.  

Political as well as security issues have surfaced in America following the attacks.  Donald Trump, who allegedly benefitted from Kremlin interference to win the 2016 election, including the hacking of Democratic National Party computers and Hillary Clinton’s emails, has not yet made a comment on what has happened.  

President-elect Joe Biden, in contrast, declared: “I want to be clear, my administration will make cybersecurity a top priority at every level of government, and we will make dealing with this breach a top priority from the moment we take office.  

“We will do that by imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation.”

The effect of the hacking in the UK has not been found, so far, to be particularly severe according to intelligence officials. That may change, however, with ongoing investigations. There will be focus on damage which may have been caused due to the close security links with Washington.  The US National Nuclear Security Administration, which maintains the American nuclear weapons stockpile, for instance, supplies some nuclear technology to the UK.

Paul Chichester, director of operations at the National Cyber Security Centre (NCSC) in London, said: “This is a complex, global cyber incident, and we are working with international partners to fully understand its scale and any UK impact.

“That work is ongoing and will take some time, but simply having SolarWinds does not automatically make an organisation vulnerable to real world impact. The NCSC is working to mitigate any potential risk... We urge organisations to take immediate steps to protect their networks - and will continue to update as we learn more.”

Brad Smith, Microsoft’s president, said: “This is not ‘espionage as usual’, even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world. It was a broad and successful espionage-based assault on both the confidential information of the government and the tech tools used by firms to protect them.”

In the US, the Cybersecurity and Infrastructure Security Agency (CISA) said "critical infrastructure" had been damaged, federal agencies and private sector companies compromised, this was a "grave threat and “removing this threat actor from compromised environments will be highly complex and challenging for organisations".

CISA stated that the cyber strikes were carried out using network management software made by SolarWinds, a Texas-based company with more than 18,000 customers affected. Microsoft was hacked in connection with the infiltration of SolarWinds.

American and British officials have refused, so far, to name those they believe to be responsible for the attacks, although privately some have said suspicion falls on the Russian hacking group called Cozy Bear, or APT 29, which has ties to the country's intelligence agencies.

Vladimir Putin’s spokesperson, Dmitry Peskov, maintained: “Even if it is true there have been some attacks over many months and the Americans managed to do nothing about them, possibly it is wrong to groundlessly blame Russians right away. We have nothing to do with this.”

Following the Russian hacking campaign in the 2016 election, Barack Obama imposed sanctions on Russia’s intelligence services and expelled 35 diplomats.

Mr Trump’s national security advisor, Michael Flynn, subsequently urged the Kremlin through the Russian ambassador in Washington not to respond to the US sanctions with the promise that they would be lifted if Mr Trump got into the White House.  

Mr Flynn was convicted by special counsel Robert Mueller’s investigation of lying about the meeting. Last month Mr Trump pardoned Mr Flynn who has since been doing the rounds on right-wing media outlets calling on Mr Trump to impose martial law to re-run the election he has just lost.

In his 2017 book about the Trump White House, Fear, Bob Woodward described how the then homeland security advisor, Tom Bossert, tried to tell the president about Russian hacking. “I want to watch the Masters,” Mr Trump told Mr Bossert, according to the book. “You and your cyber... are going to get me in a war - with all your cyber sh*t.”

After the new hacking revelations, Mr Bossert told the New York Times: “The magnitude of this ongoing attack is hard to overstate. The Russians have had access to a considerable number of important and sensitive networks for six to nine months.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in