White House national-security adviser Robert O'Brien has cut short a European trip and returned to Washington to deal with the fallout from a major cyberattack by suspected Russian hackers.
O'Brien was to hold National Security Council (NSC) meetings late on December 15 and early on December 16 and will convene a high-level interagency meeting later this week, NSC spokesman John Ullyot said in a statement.
The White House previously announced that a coordinating team had been created to respond to the cyberattack, which was first reported on December 13. The team includes the FBI, the Department of Homeland Security (DHS), and the Office of the Director of National Intelligence.
DHS has not said how many agencies were hacked. The department was among those targeted, along with the U.S. Treasury Department and the U.S. Commerce Department, according to media reports on December 14.
DHS and thousands of businesses have been scrambling to investigate and respond to the cyberattack, which experts have said was carried out by Russian government hackers.
The Russian Embassy in Washington denied any involvement, saying in a statement on December 14 that Russia “does not conduct offensive operations in the cyber domain.”
A bipartisan group of U.S. senators have written a letter to the directors of the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) requesting a report about the extent of the attacks.
The senators asked for a list of all federal agencies that are customers of SolarWinds, the software company whose product was compromised, and details about data that was susceptible to hacking.
CISA has ordered federal agencies to immediately stop using technology products made by SolarWinds, which has admitted that hackers from an "outside nation state" inserted malicious code into updates of its network management software issued between March and June of this year.
It is expected to take weeks if not longer for investigators to discover what government and private industry secrets may have been stolen.
SolarWinds’ software is used by several U.S. government agencies, including the U.S. Defense Department, which said in a statement on December 14 that it had issued guidance to protect its networks. It would not say whether any of its systems may have been hacked.
Acting Defense Secretary Chris Miller told CBS News on December 15 that there was no evidence of compromise.
Cybersecurity experts say the latest cyberattack exhibits the tactics and techniques of Russia’s Foreign Intelligence Service (SVR) and predict that when the investigation is complete, the cyberattack will rank highly in the annals of cyberespionage.
Thomas Rid of Johns Hopkins University said this cyberattack can be compared to Russia’s three-year-long hacking of U.S. government targets, including NASA and the Pentagon, in the 1990s.
Based on the amount of time the hackers were able to spy in the most recent case, he said they probably stole so much information they most likely do not know yet how they will use it.