Washington – U.S. authorities have become increasingly alarmed by an intrusion into computer systems around the world that officials suspect were carried out by Russian hackers, and the nation’s civilian cybersecurity agency warned which poses a “serious” risk to government and private networks.
The Security and Cybersecurity Agency (CISA) said in its more detailed comments that the intrusion has compromised government agencies and “critical infrastructure” in a sophisticated attack that was difficult to detect and will be difficult to undo.
CISA did not say which agencies or infrastructures were breached or what information taken in an attack it previously said appeared to have begun in March.
“This threatening actor has demonstrated sophistication and complex commercial craft in these intrusions,” the agency said in an unusual alert. “CISA expects the removal of the threatening actor from compromised environments to be highly complex and difficult.”
The agency previously said the authors had used Texas-based SolarWinds network management software to infiltrate computer networks. The new alert said the attackers could have used other methods as well.
The United States has not publicly blamed Russia for the intrusions. SolarWinds said it had been warned that the perpetrator was believed to be a “state outside the nation,” but did not independently identify those responsible. Current and former US officials have said the first evidence points to the Kremlin.
President-elect Joe Biden, who takes office in just over a month, said in a statement that intrusions were “a matter of great concern” and pledged to impose “substantial costs on those responsible for these attacks.” malicious “.
“We have seen in recent days what appears to be a massive cybersecurity violation that potentially affects thousands of victims, including U.S. companies and federal government entities,” the president-elect said. “I have instructed my team to learn as much as we can about this violation and Vice President – elect Harris and I are grateful to the career officials who have informed our team of their findings and who are working 24 hours a day. respond to this attack “.