Trump contradicts top U.S. officials, suggests without evidence China behind cyberattack

Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China — not Russia — may be behind the grave cyberattack against the United States and tried to minimize its impact.

Secretary of State Mike Pompeo says Russia was 'pretty clearly' behind hack

U.S. President Donald Trump climbs into a golf cart at Trump National Golf Club in Sterling, Va., on Dec. 13. (Al Drago/Getty Images)

In his first comments on the breach, Trump scoffed at the focus on the Kremlin and downplayed the intrusions, which the nation's cybersecurity agency has warned posed a "grave" risk to government and private networks.

"The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control," Trump tweeted. He also claimed the media are "petrified" of "discussing the possibility that it may be China (it may!)."

There is no evidence to suggest that is the case. Secretary of State Mike Pompeo said late Friday that Russia was "pretty clearly" behind the cyberattack against the U.S.

Officials at the White House had been prepared to put out a statement on Friday afternoon that accused Russia of being "the main actor" in the hack but were told at the last minute to stand down, according to one U.S. official familiar with the conversations who spoke on condition of anonymity to discuss private deliberations.

U.S. Secretary of State Mike Pompeo, shown visiting the White House with family members on Dec. 11. (Evan Vucci/The Associated Press)

It is not clear whether Pompeo got that message before his interview, but officials are now scrambling to figure out how to square the disparate accounts.

Pompeo said the government was still "unpacking" the cyberattack, and some of it would likely remain classified.

"But suffice it to say there was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world as well.

"This was a very significant effort, and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity," he said in the interview with radio talk show host Mark Levin.

Throughout his presidency, Trump has refused to blame Russia for well-documented hostilities, including its interference in the 2016 election to help him get elected. He blamed his predecessor, Barack Obama, for Russia's annexation of Crimea, has endorsed allowing Russia to return to the G7 group of industrialized nations and has never taken the country to task for allegedly putting bounties on U.S. soldiers in Afghanistan.

Trump is seen with Russian President Vladimir Putin during a summit in Helsinki in July 2018. (Chris McGrath/Getty Images)

Though Pompeo was the first Trump administration official to publicly blame Russia for the attack, cybersecurity experts and other U.S. officials have been clear over the past week that the operation appears to be the work of Russia. There has been no credible suggestion that any other country — including China — is responsible.

Democrats in Congress who have received classified briefings have also affirmed publicly that Russia, which in 2014 hacked the State Department and interfered through hacking in the 2016 presidential election, was behind it.

It's not clear exactly what the hackers were seeking, but experts say it could include nuclear secrets, blueprints for advanced weaponry, COVID-19 vaccine-related research and information for dossiers on government and industry leaders.

Russia has said it had "nothing to do" with the hacking.

'Worst hacking case in the history of America'

While Trump downplayed the impact of the hack, the Cybersecurity and Infrastructure Security Agency has said it compromised federal agencies, as well as "critical infrastructure." Homeland Security, the agency's parent department, defines such infrastructure as any "vital" assets to the U.S. or its economy, a broad category that could include power plants and financial institutions.

One U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, described the hack as severe and extremely damaging.

"This is looking like it's the worst hacking case in the history of America," the official said. "They got into everything."

Trump had been silent on the attack before Saturday.

Deputy White House press secretary Brian Morgenstern on Friday declined to discuss the matter but told reporters that national security adviser Robert O'Brien had sometimes been leading multiple daily meetings with the FBI, the Department of Homeland Security and the intelligence agencies, looking for ways to mitigate the hack.

"Rest assured we have the best and brightest working hard on it each and every single day," he said.

The Democratic leaders of four House committees given classified briefings by the administration on the hack issued a statement complaining that they "were left with more questions than answers."

"Administration officials were unwilling to share the full scope of the breach and identities of the victims," they said.

Pompeo, in the interview with Levin, said Russia was on the list of "folks that want to undermine our way of life, our republic, our basic democratic principles.... You see the news of the day with respect to their efforts in the cyberspace. We've seen this for an awfully long time, using asymmetric capabilities to try and put themselves in a place where they can impose costs on the United States."

What makes this hacking campaign so extraordinary is its scale: 18,000 organizations were infected from March to June by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds.

It's going to take months to kick elite hackers out of the U.S. government networks they have been quietly rifling through since as far back as March.

The SolarWinds headquarters is seen in Austin, Texas, on Friday. (Sergio Flores/Reuters)

Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into U.S. agencies and was among the victims, has already tallied dozens of casualties. It's racing to identify more.

Many federal workers — and others in the private sector — must presume that unclassified networks are teeming with spies. Agencies will be more inclined to conduct sensitive government business on Signal, WhatsApp and other encrypted smartphone apps.

If the hackers are indeed from Russia's SVR foreign intelligence agency, as experts believe, their resistance may be tenacious.

The only way to be sure a network is clean is "to burn it down to the ground and rebuild it," said Bruce Schneier, a prominent security expert and Harvard fellow.

Florida became the first state to acknowledge falling victim to a SolarWinds hack. Officials told The Associated Press that hackers apparently infiltrated the state's health-care administration agency and others.

Customers of SolarWinds include most Fortune 500 companies, and its U.S. government clients are rich with generals and spymasters.
