SolarWinds Hack: Is Russia to Blame?

Mish

Secretary of State Mike Pompeo is the first U.S. official to publicly say Russia was involved.

Pompeo Points the Finger

Pompeo's finger point is in regards to the disclosure that Hackers Broke Into the US Treasury, Nuclear Agency, Microsoft, and 18,000 Companies. 

Security Breaches

  • US Treasury
  • Energy Department
  • Department of Homeland Security
  • State Department
  • Health and Human Services 
  • At least 18,000 corporations who downloaded SolarWinds updates
  • While 80% of the victim companies were based in the U.S., Microsoft said that targets were also hit in the U.K., Canada, Mexico, Belgium, Spain, Israel and the United Arab Emirates.

Pretty Clearly the Russians

We can say pretty clearly that it was the Russians,’ says Pompeo in a radio interview.

“This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” Mr. Pompeo said in a Friday night interview with radio host Mark Levin.

“There was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world as well,” Mr. Pompeo said.

Government officials and cybersecurity experts have concluded that Russia is likely responsible for the hack in part due to the extreme skill involved as well as other classified clues, according to people familiar with the matter. A handful of senators who have received briefings in recent days have openly referred to it as a Russian operation.

Mr. Pompeo gave no indication of how President Trump, who leaves office on Jan. 20, might respond. Mr. Trump hasn’t addressed the hack publicly, drawing criticism from Democratic lawmakers and some cybersecurity experts.

“There are many things that you’d very much love to say, ‘Boy, I’m going to call that out,’ but a wiser course of action to protect the American people is to calmly go about your business and defend freedom,” Mr. Pompeo said.

What Does Trump Say?

The Cyber Hack is far Greater Trump

Russia, Russia, Russia

Hackers broke into the US Treasury , Energy Department, Department of Homeland Security, State Department,  Health and Human Services, and  at least 18,000 corporations.

We do not know how long this has been going on other than at least 4 years, and we do not know what corporate business the hackers stole.

Yet, Trump downplays this as did Pompeo. 

Voting Machines

The reference to voting machines came up on Twitter yesterday.

Tin Foil Hats

Questions Abound

  1. With Trump's preposterous comments out of the way, is it "clear" Russia did it? 
  2. How about "pretty clear"? 
  3. Is "pretty clear" good enough to openly place blame?
  4. Could it be China?
  5. Could it be the NSA? 
  6. What about the "handful of senators who have received briefings in recent days who have openly referred to it as a Russian operation"?

In regards to point number 5, please recall the NSA tapping into German Chancellor Angela Merkel's phone.

Also recall the NSA breaking into Iranian nuclear operations turning on Iran's centrifuges to such a high rate that it it destroyed them. 

We know about the centrifuges because the US bragged about it. We only know about Merkel's phone because of Edward Snowden.

Denial 

The US was spying on US citizens and global leaders alike while openly denying such operations. 

Mistrust

The US intelligence tell us what they want us to believe as opposed to what is actually taking place. 

Let that sink in because it happens time and time again. The NSA openly lies to Congress as well. 

Hiding Evidence

We have no evidence. Ironically, we do have a clear evidence of hiding evidence.

There are many things that you’d very much love to say, ‘Boy, I’m going to call that out,’ but a wiser course of action to protect the American people is to calmly go about your business and defend freedom,” Mr. Pompeo said. 

What the hell does that mean? 

  • We have no evidence but we pretend we do so you will have more confidence in us 
  • We believe it is in out best interest to not let you know what is going on. If so, who are they protecting and why?

So when a pack of Senators tells us they were briefed "Russia Did It", what do we really know?

What We Really Know

There are only three things we really know about this security disaster. 

  1. US officials, except for Trump, want us to believe Russia did it.
  2. Trump wants us to believe China may have done it.
  3. We cannot genuinely trust what anyone says. 

In short, we do not know what they know or even what they believe. We only know what they want us to believe.

That does not mean Russia did it. Nor does it mean Russia did not do it.

The preponderance of evidence may very well point to Russia, but no one seems willing to disclose the evidence. 

The NSA was caught spying on allies and foreign corporations, then lied to Congress about it.

That does not inspire faith in what we are being told now.

Mish

Comments (47)
Eddie_T
Eddie_T

A few things I think are true.

All governments in countries that have adequate resources have state-agency hackers who engage in cyber-warfare.

There are plenty of cyber criminals who do plenty of hacking to steal secrets and money..nothing necessarily to do with state players.

Being able to hack into and take over major government systems could potentially be work of either kind of hacker.

As at least two techies here pointed out, it could be an inside job. I doubt that tells us much now. Maybe it might help if we knew for sure.

I also think the takeaway should be that it isn’t that hard to do this kind of thing if the players involved are smart, patient, well-funded, and can carry out a long term plot that takes a fair amount of time to pay off.

Maybe some things should be insulated from the internet completely. You can’t hack what you can’t access.

Sechel
Sechel

Trump's tweet is not out of context. At this point we have to assume Donald Trump is compromised even if we don't know exactly how he became compromised. It's simply the cleanest explanation at this point

Sechel
Sechel

Not only did Trump try to downplay the hacking but he's suggested without proof its China. He's not only contradicting Pompeo but the entire U.S. government and all reporting and once again not offering any proof of the assertion that is very likely to be false. Trump never to a stand on the Navalny poisoning. He pushed back on Russian bounties against U.S. servicemen, he refused to accept the conclusion of U.S. intelligence on Russian activities in the 2016 election and beyond in the United States and now we have this. Just repeating that at this point we have to conclude Donald Trump is compromised when it comes to Russia even if we lack the documentation as to how or why it happened.

goldguy
goldguy

Relying on putting all your important data on the cloud is one of the stupidest things one could do. It was only a matter of time before we got hacked, and now getting it fixed will be a nightmare.

Mr. Purple
Mr. Purple

Ah, epistemology ... how do we know what we know?

In matters of State, it's faith all the way down.

Sechel
Sechel

I think we need to be prepared that Trump will try something truly unprecedented to stay in power. He's not accepting his defeat and his attempt to claim Russia didn't hack the U.S. but China did is off the rails looney

shamrock
shamrock

I don't think 4 years is accurate. They hacked an update to some software that has been rolling out for about 6 months.

Esclaro
Esclaro

At this point we can state that Trump is a Russian agent selling out the US for his ill gotten Douche Bank loans. He should get exactly what all traitors deserve!

Tengen
Tengen

I would have liked Trump much better if he didn't reflexively replace the Russia, Russia, Russia narrative with his own China, China, China hysteria. He's just as bad as the blue team Russiagate people, he just wants a different bogeyman.

Fortunately Trump didn't go the Sidney Powell route and also try to blame Iran and Venezuela.

LawrenceBird
LawrenceBird

Mish you have overstated - planning for the attack may have begun four years ago but the actual compromise took place during the past year.

As to the Ruskies, attribution of any cyberattack is incredibly difficult. Certainly the GRU has such capabilities. The only way you can definitely pin it down beyond a confidence interval is if you catch said foreign agency with some of your documents, say by NSA intercept. And even then, did they get them or did they steal them from another party who actually did the hack?

Zardoz
Zardoz

I think the blame rests squarely with the idjit that made their password SolarWinds123, with secondary blame for the people that trusted him.

njbr
njbr

Who gives a damn about a hack when an election was stolen by the wrong people...

Jonathan Swan
@jonathanvswan
I’ve been covering Donald Trump for a while. I can’t recall hearing more intense concern from senior officials who are actually Trump people. The Sidney Powell / Michael Flynn ideas are finding an enthusiastic audience at the top.
Officials increasingly alarmed about Trump’s power grab
Officials say Trump is spending too much time with people they consider crackpots or conspiracy theorists.
axios.com
2:24 PM · Dec 19, 2020·Twitter Web App
6.2K
Retweets
1.2K
Quote Tweets
17.2K
Likes

Sechel
Sechel

This has to be the most bonkers weekend in the white house in a while. Rudy wants to impound the voting machines. Sidney Powell wants to be declared special counsel, Mike Flynn wants to declare martial law and Donald Trump has the theory that it wasn't Russia but China that hacked the U.S. gov't

Herkie
Herkie

Donald Trump will never allow his government to blame Putin for anything.

But, it has been confirmed by those who do know, it was the russians, and an official statement to that effect was drafted and set for release and Trump stopped it in order to cast doubt and blame the Chinese.

This hack makes 2016 look like a little girl's tea party for her dolls.

This is an act of war.

Trump will soon be gone (no matter what that entails) and it will be up to Biden to craft a response that shows Putin that his years of getting away with war on the Americans is over.

Sechel
Sechel

now comes reporting that Trump diverted funds away from the DHS unit charged with guarding against such hacks toward funding his wall.

William Janes
William Janes

Occam's razor dictates that you choose the simplest explanation: Russia. Russian has the means, the motive, and the opportunity. All Libertarian explanations are useless and unproductive. Except for Trump and Other Loonies, I trust my government. Trump is irrelevant. The Trump supporters in my Cigar Lounge never mention him anymore. T
There is a large difference in listening in on other countries and waging a cyber war. The first is traditional spying done by everyone, even Germany, the Russian operation is an attack. We need to tighten down our cyber defenses. Any cyber strikes against Iran, Russia, and China are moral and justified against totalitarian regimes who are dangerous adversaries. No moral equivalence here. We are now in the Post Modern Cold War. It is necessary for President Biden to organize a coherent policy that will begin to take the battle to these evil regimes.

Dodge Demon
Dodge Demon

How did the Russians get so computer savvy? Bill Gates hanging out with Epstein too much?


Global Economics

FEATURED
COMMUNITY