U.S. authorities are expressing increased alarm about an intrusion into computer systems around the globe that officials suspect was carried by Russia.


What You Need To Know

  • The cybersecurity unit of the Department of Homeland Security said Thursday that a recent widespread hack “poses a grave risk"

  • It was the most detailed comments yet from CISA since reports emerged this weekend that government agencies including the Treasury and Commerce departments were among those whose secure data and email were penetrated by the sophisticated hack

  • President-elect Joe Biden pledged in a statement to take action to prevent future breaches: "I want to be clear: my administration will make cybersecurity a top priority at every level of government"

  • A U.S. official previously told The Associated Press that Russia-based hackers are suspected, but neither CISA nor the FBI has publicly said who is believed be responsible

The cybersecurity unit of the Department of Homeland Security said Thursday that the hack “poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”

It was the most detailed comments yet from the Cybersecurity and Infrastructure Agency since reports emerged this weekend that government agencies including the Treasury and Commerce departments were among those whose secure data and email were penetrated by the sophisticated hack.

CISA also warned that it will be difficult to remove the malware inserted through network software. “The agency said that removing this threat actor from compromised environments will be highly complex and challenging for organizations.

The news comes as President-elect Joe Biden pledged to take action to prevent future breaches.

"I want to be clear: my administration will make cybersecurity a top priority at every level of government," Biden said in a statement, "And we will make dealing with this breach a top priority from the moment we take office."

The president-elect said that while we are still learning more information about the hack, "what we do know is a matter of great concern."

CISA did not say which agencies or infrastructure were breached or what information taken in an attack that it previously said appeared to have begun in March.

“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” the agency said in an unusual alert. “CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”

The agency previously said that the perpetrators had used network management software from Texas-based SolarWinds t o infiltrate computer networks. Its new alert said the attackers may have used other methods as well.

A U.S. official previously told The Associated Press that Russia-based hackers are suspected, but neither CISA nor the FBI has publicly said who is believed be responsible.

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said the hack was severe and extremely damaging although the Trump administration was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

The official said the administration is working on the assumption that most, if not all, government agencies were compromised but the extent of the damage was not yet known.

Asked whether Russia was behind the attack, the official said: “We believe so. We haven’t said that publicly yet because it isn’t 100% confirmed.”

The Associated Press contributed to this report.