1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Trump downplays massive US cyberattack

December 19, 2020

President Donald Trump has said China may be behind the massive hack targeting US government networks. His comments contradicted top diplomat Mike Pompeo, who has said Russia was "pretty clearly" behind the attack.

A person works on a computer that shows code
Image: picture-alliance/dpa/A. Malgavko

US President Donald Trump has said it "may be China" who was behind the embedded malware found in US government networks and elsewhere around the world earlier this week.

Trump's comments on Twitter came after US Secretary of State Mike Pompeo blamed the hacking attack on Moscow. Speaking with US talk show host Mark Levin on Friday, Pompeo said the embedded malware was"pretty clearly" the work of "the Russians."

But on Saturday, Trump posted on Twitter that "Russia is the priority chant when anything happens" because the media is afraid of discussing the possibility of Beijing's involvement. He did not cite his reasons for suspecting China.

Russia denies involvement

On Friday, Pompeo said private companies and governments around the world had been targeted using third-party software to embed code in their systems.

"This was a very significant effort, and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity," he said, adding that the outgoing Trump administration had kept mute as a "wiser course of action" to allow investigations to unfold following the initial alert made last Sunday

Russia has already denied involvement, with Kremlin spokesman Dmitry Peskov dismissing the allegations.

US President-elect Joe Biden, meanwhile, has expressed "great concern" over the hacking attack.

How did hackers compromise US government agencies?

18,000 accounts infected

On Monday, Texas firm SolarWinds disclosed that up to 18,000 users of its popular Orion network-management software had been unwittingly infected, blaming what it termed an "outside nation-state."

Microsoft President Brad Smith, in a blog post Friday, said roughly 80% of affected customers were located inside the United States. Others were located in the UK, Belgium, Canada, Israel, Mexico, Spain and the United Arab Emirates.

Reuters, citing a British security source, said a small number of British organizations had been compromised but "not in the public sector."

"The scale is daunting," said James Lewis, vice president of the US Center for Strategic and International Studies, commenting on the disclosures. 

"We also don't know what's been left behind. The normal practice is to leave something behind so they can get back in, in the future," Lewis told the Agence France-Presse news agency.

"This will be a long ride," said Dmitri Alperovitch, former chief technical officer of cybersecurity firm CrowdStrike, in an interview with The Associated Press. He added that networks would need to be redesigned. "Clean-up is just phase one."

'Complex' intrusions as early as March

The US Cybersecurity and Infrastructure Security Agency (CISA) said intrusions had begun as early as March this year, and the actor behind them had "demonstrated patience, operational security and complex tradecraft."

CISA said the hack had not reached the US nuclear arsenal but only "business networks" linked to the Department of Energy, which have since been disconnected.

The US government agencies that were reportedly breached include the Department of Homeland Security, the Treasury Department and the State Department.

Some breaches enabled emails to be monitored, but it was unclear what the hackers were seeking and what they did while infiltrating networks, said Reuters.

The Day: Russia accused of hacking into COVID-19 research

US to close last consulates in Russia

Before he leaves office in January, President Donald Trump is planning to close the two remaining US consulates in Russia, the State Department said Saturday, amid escalating tensions between Moscow and Washington.

The US will suspend operations at its posts in the city of Vladivostok and in Yekaterinburg, leaving the embassy in Moscow as the last US diplomatic mission in Russia.

Ten diplomats will reportedly be relocated to the embassy in Moscow, while 33 local staff will lose their jobs.

The decision was part of "efforts to ensure the safe and secure operation of the US diplomatic mission in the Russian Federation," a department spokesperson told Agence France-Presse.

Moving the employees to Moscow "will allow us to advance our foreign policy interests in Russia in the most effective and safe manner possible," according to the State Department.

ipj, mvb/mm (Reuters, AFP, AP)