Cyberattack on the US govt may have started earlier than initially thought.
The unprecedented cyber attack on US government agencies reported this month may have started earlier than last spring as previously believed, a US senator involved in cybersecurity said on Wednesday.
US investigators originally thought that the attack on government agencies and private industry targets began in March or April, including breaches of Treasury, State, Commerce, and Energy Departments. State-backed Russian hackers were identified as suspects. Russia has denied involvement.
“The initial burial in may have started earlier,” Democratic Senator Mark Warner of Virginia, who serves as Vice-Chair of the Senate Intelligence Committee told Reuters in an interview.
Warner said full investigations of the hack are underway but so far the US government does not have any hard evidence that classified government secrets were compromised by the hackers.
Warner said gaps in the US and international law make it difficult to track and crack down on large scale hacks and that the United States and its allies must act to tighten controls.
“We still do not have mandatory reporting for the private sector, or for the public sector,” on major hacking incidents, Warner said. “The time it takes to assess the (last) attack, it takes longer than we would like,” he added.
Warner said the lack of US laws and policy to counter such major hacks is the product of a “lack of policy that precedes (the administration of President Donald) Trump.” During the administration of President Barack Obama, he said, people in both government and private sector “pushed back ferociously” at talk of stepping up cyberspace legal controls.
The latest hacking campaign, disclosed by US officials in mid-December, entered US government and private systems by surreptitiously tampering with updates released by Texas-based software company SolarWinds, which serves government customers across the executive branch, the military, and the intelligence services, according to two people familiar with the matter. The trick – often referred to as a “supply chain attack” – works by hiding malicious code in the body of legitimate software updates here provided to targets by third parties.
Although Secretary of State Mike Pompeo and US government sources have said Russia is the principal suspect in the attack, Trump himself has questioned their responsibility and suggested China might be behind the attack.
“There has been obviously a reluctance out of this White House to call out Russia repeatedly,” Warner said. “I don’t believe that is a problem of the intelligence community. I think that is a problem of the White House.”