Washington — U.S. authorities expressed increased alarm Thursday about an intrusion into computer systems around the globe that officials suspect was carried out by Russian hackers, with the nation’s civilian cybersecurity agency warning that it poses a “grave” risk to government and private networks.
The Cybersecurity and Infrastructure Security Agency (CISA) said in its most detailed comments yet that the intrusion has compromised government agencies as well as “critical infrastructure” in a sophisticated attack that was hard to detect and will be difficult to undo.
CISA did not say which agencies or infrastructure were breached or what information taken in an attack that it previously said appeared to have begun in March.
“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” the agency said in an unusual alert. “CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”
The agency previously said that the perpetrators had used network management software from Texas-based SolarWinds to infiltrate computer networks. Its new alert said the attackers may have used other methods as well.
The U.S. has not publicly blamed Russia for the intrusions. SolarWinds said it had been advised that the perpetrator is believed to be an “outside nation state,” but has not independently identified those responsible. Current and former U.S. officials have said early evidence points to the Kremlin.
President-elect Joe Biden, who takes office in just over a month, said in a statement that the intrusions were “a matter of great concern” and pledged to impose “substantial costs on those responsible for such malicious attacks.”
“We have learned in recent days of what appears to be a massive cybersecurity breach affecting potentially thousands of victims, including U.S. companies and federal government entities,” the president-elect said. “I have instructed my team to learn as much as we can about this breach, and Vice President-elect Harris and I are grateful to the career public servants who have briefed our team on their findings, and who are working around-the-clock to respond to this attack.”
