Richard Clarke, a cybersecurity expert who worked for three U.S. presidents and served as the chief cybersecurity advisor to U.S. President George W. Bush, said on Thursday that the recently discovered suspected Russian hack is “the largest espionage attack in history.”
The hack, which targeted as many as 18,000 SolarWinds software users, including numerous U.S. federal agencies, is likely a foreign state-backed operation and Russia is believed to be behind the operation, according to various sources, including Clarke. Appearing on The Lead with Jake Tapper on CNN Thursday, Clarke said the hack “is as though the Russians got a passkey, a skeleton key for about half the locks in the country.”
CNN tweeted, “‘This is the largest espionage attack in history,’ former White House cybersecurity czar Richard Clarke says about a massive suspected Russian cyberattack. ‘They got access to these networks so that in a future crisis, they can…put a knife to our throat.’”
Clarke’s comments come after an estimated 18,000 users of various software products in SolarWinds Orion product line are believed to have used versions of the software that hackers exploited. This week, the U.S. Securities and Exchanges Commission (SEC) reported that between March and June, hackers inserted malware into the various Orion products. The exposure has only just been discovered in recent days.
“It’s 18,000 companies and government institutions scattered around the U.S. and the world,” Clarke told CNN’s Tapper. “This is an espionage attack.”
Those who used the hacked SolarWinds software products have reportedly included, National Nuclear Security Administration (NNSA), which manages the U.S. nuclear weapons arsenal. Other reported victims of the attack include parts of the Pentagon, the Treasury, and the Department of Homeland Security (DHS).
425 of the Fortune 500 companies also use SolarWinds, according to an archived client list by the company. All branches of the U.S. military, the National Security Agency (NSA), and even the Office of the President of the United States also SolarWinds products. The company’s software is also used by all of the top five U.S. accounting firms and hundreds of colleges and universities around the world. While the SEC estimates 18,000 Orion users were exposed to the hacking efforts, there is no complete list of who all was hacked. It is not clear if all of the aforementioned clients used the particular SolarWinds products that were targeted by hackers.
Asked what could Russia potentially accomplish with the range of hacked U.S. agencies and companies, Clarke said the hackers didn’t get into classified networks, as far as he is aware.
“They found whatever you can find on an unclassified network in a federal department,” Clarke said. “Some of that is interesting. Some of that combined with classified information will tell you something.”
While Clarke said the hackers did not obtain classified information, there are other security risks from the hack.
“What they really did, was they got access to these networks so that in a future crisis, they can . . . put a knife to our throat,’” Clarke said.
Clarke said if Russia and the U.S. into some conflict scenario, Russia might threaten to erase the networks of various U.S. agencies and companies if the U.S. responds to the particular crisis scenario.
“They did this before to the Ukraine, they did it in 2017,” Clarke said. “And there was collateral damage then that wiped out U.S. companies.”
Clarke said three U.S. companies lost a combined $8 billion in operating costs and remediation costs from the 2017 attack he described.
