This article was originally published by Radio Free Europe/Radio Liberty and is reprinted with permission.
U.S. President Donald Trump has downplayed the impact of a widespread cyberattack and cast doubt on whether Russia was to blame in his first public comments on the incident.
“The Cyber Hack is far greater in the Fake News Media than in actuality,” Trump said on Twitter on December 19. “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”
Trump’s assertion that China may be behind the hacking spree, which has so far affected more than a half dozen federal agencies including the Commerce and Treasury Departments, runs counter to comments by Secretary of State Mike Pompeo and several lawmakers briefed on the matter.
“We can say pretty clearly that it was the Russians that engaged in this activity,” Pompeo said on December 18 in an interview.
“The cyber hack is like Russian bombers have been repeatedly flying undetected over our entire country,” Republican lawmaker Mitt Romney said in a tweet on December 17.
The Kremlin has denied any involvement.
In his tweet, Trump tagged Pompeo and Director of National Intelligence John Ratcliffe.
The Office of the Director of National Intelligence has yet to publicly comment on who is behind the massive data breach, which exploited a piece of software developed by network management firm SolarWinds that is widely used throughout the public and private sectors.
Microsoft said it had notified more than 40 customers hit by the malware, which security experts say could allow attackers network access to sensitive government information and networks that operate infrastructure such as electricity power grids.
Roughly 80 percent of the affected customers are located in the United States, Microsoft President Brad Smith said in a blog post. Other victims of the cyberattack are in Belgium, Britain, Canada, Israel, Mexico, Spain, and the United Arab Emirates.
“This is not ‘espionage as usual,’ even in the digital age,” Smith wrote. “Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world.” He added that the number and location of victims will keep growing.
‘The Scale Is Daunting’
James Lewis, vice president at the Center for Strategic and International Studies, said the attack may end up being the worst to hit the United States, eclipsing a 2014 suspected Chinese infiltration.
“The scale is daunting. We don’t know what has been taken so that is one of the tasks for forensics,” Lewis said, according to the AFP news agency.
“We also don’t know what’s been left behind. The normal practice is to leave something behind so they can get back in in the future,” Lewis said.
The cyberattack was first reported on December 13 in news reports that quoted unidentified U.S. officials as saying Russia-based hackers were suspected.
Russia’s U.S. Embassy has denied any involvement, saying in a statement on December 14 that Russia “does not conduct offensive operations in the cyber domain.”
The Department of Homeland Security, the Treasury Department, and the Commerce Department were among those affected in the attack, according to media reports that quoted unidentified officials with knowledge of the cyberattack.
The Department of Energy acknowledged on December 17 that it was among those that had been hacked. The department includes the agency that manages the country’s nuclear-weapons stockpile.
The FBI and other agencies investigating an extensive cyberattack on U.S. government computer networks briefed members of Congress on December 18 about the intrusion.
SolarWinds admitted on December 16 that hackers from an “outside nation state” inserted malicious code into updates of its network management software issued between March and June this year.