New details have been revealed about a fierce cyber espionage campaign that made security teams in Internet networks around the world strive hard to reduce damage, while a senior official in the administration of US President Donald Trump spoke openly for the first time about a Russian role in infiltration.
And electronic records showed that suspected hackers from Russia infiltrated the systems of groups in Britain and an American company providing Internet services and local administration in the state of Arizona as well as US government agencies as part of the major cyber-attack that was revealed last week.
“I think the situation now is for us to say clearly that the Russians have a hand in this action,” Secretary of State Mike Pompeo said during a radio program.
Cisco Systems, a vender of network equipment, stated that it had discovered the presence of malware in a limited number of devices in some of its laboratories, but did not clarify whether anything had been seized.
A source familiar with the company’s investigation said fewer than 50 devices were damaged.
In Britain, a security source reported that a small number of institutions outside the public sector were also affected.
Shares of cybersecurity firms such as Fire Eye, Palo Alto Networks and Crowdstrike Holdings rose on Friday, as investors expected an increase in demand for technological security after companies the size of Microsoft and others announced they were affected by the cyber-attack.
The US government agency hack, which was first reported by Reuters on Sunday, has hit the US departments of Homeland Security, Treasury, State and Energy.
Internet security experts said the breach was sometimes limited to monitoring emails, but it was not clear what the hackers were doing when they broke into the networks.
White House spokesman Brian Morgenstern told reporters that National Security Adviser Robert O’Brien was holding emergency meetings daily if not faster than that.
“They are working very hard to minimize the damage and make sure our country is safe.
We will not go into many details because we will not reveal to our opponents what we are doing to address these matters”.
A senior US official said no way had been found to respond or know who was behind the attack.
Hackers seized network management software developed by Solar Windows, which on Monday spoke about its unintended role in the global attack. The company said that up to 18,000 users of the software known as Orion had downloaded an update that contained malicious code planted by the attackers.
The company stated that this attack was believed to have been carried out by an “outside country”.
Sources familiar with the matter indicated that the infiltrators were believed to be working for the Russian government.
Kremlin spokesman Dmitry Peskov denied the accusations.
“The hack was so great that our cybersecurity experts are not yet really aware of the size of the breach itself,” said Stephen Lynch, head of a subcommittee of the House Oversight and Reform Committee.
US President-elect Joe Biden will have to confront the problem when he takes office on January 20.
“There will be a high price,” said Johannes Abraham, executive director of Biden’s transition team, to reporters on Friday.
Microsoft, one of the thousands of companies that the malware has reached, said it has notified more than 40 of its customers that hackers have infiltrated its networks.
It stated that about 30 of these clients are in the United States and the rest of them are in Canada, Mexico, Belgium, Spain, Britain, Israel and the UAE.
Most of these work with IT companies, some research institutions and government organizations.