Top members of President-elect Joseph R. Biden’s team said Sunday that the incoming administration is eyeing sanctions and other retaliatory measures in response to the massive hack of U.S. federal and private-sector systems that was apparently carried out by Russia.
Ron Klain, the incoming White House chief of staff, said Mr. Biden’s response could entail more than sanctions.
“It’s also steps and things we could do to degrade the capacity of foreign actors to repeat this sort of attack or, worse still, engage in even more dangerous attacks,” Mr. Klain said on CBS’s “Face the Nation.”
Jennifer Granholm, Mr. Biden’s pick for energy secretary, said the response could involve other countries as officials race to determine the size and scope of the hack.
“We are certainly concerned about any secrets being compromised. We haven’t gotten that information yet,” Ms. Granholm said on ABC’s “This Week.” “But believe me, Joe Biden will have a very significant response. And it may be a multinational response, depending on who is compromised.”
Officials have confirmed that the Department of Energy, which oversees the country’s nuclear stockpile, was part of the massive breach.
It’s not clear exactly what the hackers were seeking, but experts say it could include nuclear secrets, blueprints for advanced weaponry, COVID-19 vaccine-related research and information for dossiers on key government and industry leaders.
Mr. Biden said last week that the perpetrators will be “held accountable” and that the remedies could include financial penalties for “individuals” and “entities.”
Mr. Klain said it would be helpful for the Trump administration to get its story straight on who officials believe carried out the attack.
President Trump said Saturday that China could be involved and that the situation was “well under control,” seemingly contradicting Secretary of State Mike Pompeo’s assessment a day earlier.
“This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” Mr. Pompeo said in an interview Friday with conservative radio host Mark Levin.
Russia has denied involvement, though Russian President Vladimir Putin singled out his country’s SVR foreign intelligence service for its work protecting Moscow’s interests.
In comments marking the 100th anniversary of the founding of the SVR, Mr. Putin made no mention of the attack, but he thanked the intelligence service and praised the “professional operations” it has carried out.
“I know what I’m talking about here,” Mr. Putin said, as quoted by Reuters. “And I rate very highly the difficult professional operations that have been conducted.”
Mr. Putin also said the intelligence service must pay close attention to conflicts near Russia’s borders and defend against terrorist plots.
“I expect that the foreign intelligence service will continue to respond flexibly to the highly changeable international context, actively participating in identifying and neutralizing potential threats to Russia, and improving the quality of its analytical materials,” he said.
Sen. Mark R. Warner of Virginia, the top Democrat on the Senate Select Committee on Intelligence, said Sunday that all signs point to Russia as the responsible party and that the attack could be continuing.
“We have not discovered how we will ferret them fully out,” Mr. Warner said on ABC’s “This Week.” “This is extraordinarily serious, and when the president of the United States tries to deflect or is not willing to call out the adversary as we make that attribution, he is not making our country safer.”
Mr. Warner did say it appears that no classified networks have been breached.
Sen. Mitt Romney, Utah Republican, said Sunday on “Meet the Press” that Russia “acted with impunity” but that Mr. Trump has a “blind spot” when it comes to the country.
What makes the hacking campaign so extraordinary is its scale: 18,000 organizations were infected from March to June by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds.
It will take months to oust elite hackers from the U.S. government networks they have been quietly combing.
Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that might have been hacked. FireEye, the cybersecurity company that discovered the intrusion into U.S. agencies and was among the victims, has tallied dozens of casualties and is racing to identify more.
Many federal workers and others in the private sector must presume that unclassified networks are teeming with spies. Agencies will be more inclined to conduct sensitive government business on Signal, WhatsApp and other encrypted smartphone apps.
“We should buckle up. This will be a long ride,” said Dmitri Alperovitch, co-founder and former chief technical officer of the leading cybersecurity firm CrowdStrike. “Cleanup is just phase one.”
Florida became the first state to acknowledge falling victim to a SolarWinds hack. Officials told The Associated Press that hackers apparently infiltrated the state’s health care administration and other agencies.
SolarWinds’ customers include most Fortune 500 companies, and its U.S. government clients are rich with generals and spymasters.
If the hackers are indeed from Russia’s SVR foreign intelligence agency, as experts believe, their resistance may be tenacious. When they hacked the White House, the Joint Chiefs of Staff and the State Department in 2014 and 2015, “it was a nightmare to get them out,” Mr. Alperovitch said.
⦁ S.A. Miller contributed to this article, which is based in part on wire service reports.
• David Sherfinski can be reached at dsherfinski@washingtontimes.com.
• Ben Wolfgang can be reached at bwolfgang@washingtontimes.com.
Please read our comment policy before commenting.