At a press conference on Monday, outgoing Attorney General Bill Barr became the latest senior official to link the Russian government to a massive and ongoing cyberattack against U.S. federal agencies, even as President Donald Trump downplays the hack and seeks again to shift focus away from Moscow.
Experts have specifically blamed the hack on a group known as APT29, or "Cozy Bear," a Russian intelligence cyber unit that had targeted Democratic National Committee systems in 2016. Over the last week it was revealed that perhaps as far back as 2019, hackers hijacked an update in a piece of commercial software sold by Texas company SolarWinds to a number of Fortune 500 companies and government agencies, including Microsoft, Cisco, Intel, the Departments of State, Treasury, Homeland Security and Commerce, as well as the National Institutes of Health. Nearly 20,000 SolarWinds customers received updates containing APT29 malware.
Though the full extent of the damage is still unknown, Trump's former head of Homeland Security, Tom Bossert, said last Wednesday that "the magnitude of this national security breach is hard to overstate" and requires a response in which "all elements of national power must be placed on the table." On Friday, Trump's U.S. Cybersecurity Agency warned that the hack posed a "grave risk" to national security, and Secretary of State Mike Pompeo pinned the responsibility on Russia that same day.
"This was a very significant effort, and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity," Pompeo said in a radio interview on "The Mark Levin Show," adding: "I can't say much more as we're still unpacking precisely what it is, and I'm sure some of it will remain classified."
The next day, however, Trump, who had still not commented on the cyberattack, undercut that assessment in a pair of tweets, claiming that he had been "fully briefed" and "everything is well under control," and accusing the media of pushing a false narrative about Russia.
"The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of ....discussing the possibility that it may be China (it may!)," Trump wrote.
"There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA. @DNI_Ratcliffe @SecPompeo," he added, tagging Pompeo and Director of National Intelligence Dan Ratcliffe.
The tweets reportedly came as the White House prepared to issue a statement blaming Russia, and sent aides scrambling. Officials were reportedly told to stand down, and the White House still has not released a statement.
The next day, Sen. Lindsey Graham said he has "no reason to believe it's China," and Sen. Mitt Romney, R-Utah, told CNN's Jake Tapper that the president's tweets came as no surprise, considering Trump's "blind spot" to Moscow.
"The President has a blind spot when it comes to Russia, and so you can expect that that's the response that he would have," Romney said.
"What Russia has done is put in place a capacity to potentially cripple us in terms of our electricity, our water, our communications," the former GOP presidential candidate added. "This is the same sort of thing one can do in a wartime setting and so it's extraordinary dangerous and it's an outrageous affront on our sovereignty and one that's going to have to be met with a very strong response, not just rhetorical, important as that is, but also with a cyber response of like magnitude or greater."
Barr, a formerly devout Trump loyalist who was fired via executive tweet last week, joined the chorus on Monday.
"I agree with Secretary Pompeo's assessment. It certainly appears to be the Russians, but I'm not going to discuss it beyond that," the outgoing top prosecutor said.
President-elect Joe Biden's transition team said the next administration is weighing its options, which could include retaliatory cyberattacks on Russian infrastructure, according to Reuters.
"It's not just sanctions. It's steps and things we could do to degrade the capacity of foreign actors to engage in this sort of attack," incoming White House chief of staff Ron Klain told CBS' "Face the Nation" on Sunday.
Experts say that it could take months or even longer before the government has a full grasp on the extent of the attack.
Trump has repeatedly refused to hold Russian President Vladimir Putin directly accountable for carrying out cyberattacks on Trump's behalf in the 2016 election, and has deferred to him repeatedly in public. During Trump's term, the real estate mogul has resisted retaliatory sanctions, at one point even firing back at Congress in a written signing statement, calling near-unanimous sanctions "seriously flawed."
The Russian government has denied involvement in the hack.