26 December 2020

Biden is 'considering cyber attacks' on Russian infrastructure in retaliation for 'Pearl Harbor of hacks' that breached 200 US federal agencies and firms - as fired DHS Cybersecurity chief Chris Krebs admits his 'failure' to stop it


Joe Biden is said to be considering cyber attacks on Russian infrastructure in retaliation for the hacks that breached 200 US federal agencies and firms. 

The president-elect's team will consider several options over the country's suspected role in the unprecedented hacking of US government agencies and companies, sources have told Reuters. 

The massive data breach enabled hackers believed to be from Russia's SVR foreign intelligence service to explore the networks of government agencies, private companies and think-tanks for months. Moscow has denied involvement. 

Fired DHS Cybersecurity chief Chris Krebs on Sunday admitted his 'failure' to stop the hack, telling CNN: 'It happened on my watch. We missed it. A bunch of other folks missed it. But there is work to do now going forward to make sure A: we get past this, that we get the Russians out of the networks, but, B: that it never happens again.'

He warned: 'I'd be very careful with escalating this.' 

Biden is reported to be looking at new financial sanctions and cyber attacks on Russian infrastructure, people familiar with the matter say.


Joe Biden is said to be considering cyber attacks on Russian infrastructure in retaliation for the hacks that breached 200 US federal agencies and firms
Christopher Krebs, former director of the Cybersecurity and Infrastructure Security Agency has admitted his 'failure' to stop the hack, telling CNN : 'It happened on my watch'

'They'll be held accountable,' Biden said in an interview broadcast on CBS on Thursday when asked about how he would deal with the Russian-led hack. He vowed to impose 'financial repercussions' on 'individuals as well as entities.' 

Sources say the response will need to be strong enough to impose a high economic, financial or technological cost on the perpetrators, but avoid an escalating conflict between two nuclear-armed Cold War adversaries.

The overarching goal of any action, which could also include stepped-up counter cyber espionage efforts, would be to create an effective deterrence and diminish the potency of future Russian cyber spying, the person added.

The unfolding crisis - and the lack of visibility over the extent of the infiltration into the computer networks of federal agencies including the Treasury, Energy and Commerce Departments - will push to the front of Biden's agenda when he takes office on January 20. 

Russia denies involvement in the SUNBURST attack, but US officials say the nation is behind the 'Advanced Persistent Threat' (APT) that carried out the audacious breach.

Sources say that one top suspect is APT29, the Kremlin-linked group also known as Cozy Bear. 

Cozy Bear is best known as the group said to be responsible for the 2016 breach of the Democratic National Committee's servers.

Experts believe that Cozy Bear operates as part of one of Russia's intelligence agencies. 

Some doubt the attribution of SUNBURST to Cozy Bear, through, noting that the tools used in the attack have never been seen before. 

A company called SolarWinds was hacked, permitting an open door into public and private sector computer systems. SolarWinds is behind critical network monitoring software utilized both by the US government and many blue-chip American firms. 

'Symbolic won't do it' for any U.S. response, said James Andrew Lewis, a cyber security expert at the Center for Strategic and International Studies, a Washington think tank. 'You want the Russians to know we're pushing back' 

President Donald Trump only acknowledged the hacking on Saturday almost a week after it surfaced, downplaying its importance and questioning whether the Russians were to blame. 

Trump's silence did not go unnoticed with Democrats in Congress blasting Trump for failing to address the issue and demanding a harsh response on the perpetrators. 

'Our nation is under assault. This cyberattack could be the largest in our history. We don't yet know the extent of the damage, but we know that we weren't prepared & have our work cut out for us,' Rep Jason Crow (D - Colorado) tweeted on Friday. 

'We can't wait for leadership, we need it now. @realdonaldtrump, where are you?'

Crow also likened the attack to Pearl Harbor in a follow-up tweet: 'The situation is developing, but the more I learn this could be our modern day, cyber equivalent of Pearl Harbor.' 

Mitt Romney demanded Sunday that the U.S. response to the Russia cyber attack be 'of like magnitude or greater'. Democratic Senator Mark Warner, ranking member of the Intelligence Committee, called the Kremlin's takeaway from the cyber attack a 'big haul.'

The discussions among Biden's advisers are theoretical at this point and will need to be refined once they are in office and have full view of U.S. capabilities.

Biden's team will also need a better grasp of US intelligence about the cyber breach before making any decisions, one of the people familiar with his deliberations said. 

The president elect's access to presidential intelligence briefings was delayed until about three weeks ago as Trump disputed the November 3 election results.

No comments: