US cyber-attack: Russia ‘clearly’ behind SolarWinds operation, says Pompeo

US Secretary of State Mike Pompeo has blamed Russia for what is being described as the worst-ever cyber espionage attack on the US government.

“We can say pretty clearly that it was the Russians that engaged in this activity,” Mr Pompeo said on Friday.

He did not provide details about the alleged links to Moscow, and Russia has denied any involvement in the attack.

The hack, targeting software made by US firm SolarWinds, was discovered last week but has been going on for months.

Among the US agencies targeted was the office that manages nuclear weapons.

That government organisation, the US energy department, said however that the arsenal’s security had not been compromised.

Several other organisations around the world, including in the UK, are understood to have been targeted by hackers using the same network management software.

Researchers, who have named the hack Sunburst, say it could take years to fully comprehend what is one of the biggest ever cyber-attacks.

In a radio interview with US talk show host Mark Levin on Friday, Mr Pompeo said he believed that Russia had, over a period of months, penetrated several US government agencies and private companies, along with other companies and governments around the world.

He said there was “a significant effort to use a piece of third-party software to essentially embed code inside US government systems”.

Along with the US energy department, federal agencies targeted by what has been described as a sophisticated cyber espionage operation include the Treasury and departments of homeland security, state, defence and commerce.

Mr Pompeo said that US investigators looking into the attack were still “unpacking precisely what it is”, and that much of the information would likely remain classified.

He said that Russia was trying to “undermine our way of life”, adding that Russian President “Vladimir Putin remains a real risk”.

Hackers managed to gain access to major organisations by compromising network management software developed by Texas-based IT company SolarWinds.

The access could have allowed the hackers to take a high degree of control over the networks of organisations using that software, but appears to have been used to steal data rather than for any disruptive or destructive impact.

It is thought that those behind the operation targeted a narrow set of organisations in an attempt to steal national-security, defence and other related information.

However, while software may have been downloaded, that does not necessarily mean data was taken.

SolarWinds Orion, the computer network tool at the source of the breach, earlier said that 18,000 of its 300,000 customers might have been affected, but there is no indication that significant theft of customer or citizen data was an aim of the cyber-attack.

Investigators have said the months-long operation through SolarWinds could have been launched before March this year.

US President Donald Trump has not yet personally commented on the attack, but President-elect Joe Biden, who is due to be sworn in on 20 January, has vowed to make cyber-security a “top priority” of his administration.

“We need to disrupt and deter our adversaries from undertaking significant cyber-attacks in the first place,” he said on Thursday.

“We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in co-ordination with our allies and partners.”

For more than three decades, hackers linked to Moscow are believed to have tried to steal US secrets online.