US govt issues urgent warning against recent cyberattacks, says it's 'a grave risk to the federal government'
Firstpost
A Microsoft “heat map” of infections shows that 80 percent of the hacks are in the United States, while Russia shows no infections at all.
Federal officials issued an urgent warning on Thursday that hackers, who US intelligence agencies believed were working for the Kremlin, used a far wider variety of tools than previously known to penetrate government systems, and said that the cyberoffensive was “a grave risk to the federal government.”
The discovery suggests that the scope of the hacking, which appears to extend beyond nuclear laboratories and the Pentagon, Treasury and Commerce departments’ systems, complicates the challenge for federal investigators as they try to assess the damage and understand what had been stolen.
“A good defense isn’t enough; we need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” Biden said, adding, “I will not stand idly by in the face of cyberassaults on our nation.”
Echoing the government’s warning, Microsoft said Thursday that it had identified, at a minimum, 40 companies, government agencies and think tanks that the suspected Russian hackers stole data from.
Biden’s statement said he had instructed his transition team to learn as much as possible about “what appears to be a massive cybersecurity breach affecting potentially thousands of victims.”
“I want to be clear: My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office,” Biden said, adding that he plans to impose “substantial costs on those responsible.”
The Cybersecurity and Infrastructure Security Agency’s warning came days after Microsoft, along with FireEye, took emergency action, using a so-called kill switch, to halt the communication between the SolarWinds network management software and a command-and-control center that the Russians were using to send instructions to their malware.
And the key line in the warning said that the SolarWinds “supply chain compromise is not the only initial infection vector” that was used to get into federal systems.