Former Government Cybersecurity Head Blames Russian Intelligence For Massive Hack

Christopher Krebs, the former top cybersecurity official in the U.S., says Russia is to blame for a massive breach that’s affected the State Department, the Pentagon, the Treasury Department, the Department of Homeland Security and other departments and agencies.

“I understand it is, in fact, the Russians,” Krebs told Steve Inskeep on Morning Edition.

“It’s the Russian SVR, which is their foreign intelligence service. They are really the best of the best out there. They’re a top flight cyber intelligence team, and they used some very sophisticated techniques to really find the seams in our cyberdefenses here in the United States and seem to be quite successful in penetrating some very sensitive places.”

Determining blame for cyberattacks is complex. The agency Krebs led until November, the Cybersecurity and Infrastructure Security Agency, described the hackers as “patient, well-resourced, and focused,” but did not blame any one entity.

But Krebs joins Secretary of State Mike Pompeo, Attorney General William Barr, and lawmakers including Sens. Jim Inhofe, R-Okla., Jack Reed, D-R.I., and Mitt Romney, R-Utah, in pointing toward Russia as the culprit.

President Trump has instead suggested China could be behind the hack.

Trump fired Krebs in November after Krebs said the November election was secure and free of interference.

Krebs talked with NPR about how the hack happened, if it’s an “attack” or “espionage,” and how the U.S. should respond. Here are excerpts:

When I think about Internet security as a layman, I’m aware that one of the easiest ways to get at me would be … that I’m offered some update that’s not an update or asked to click on a link that’s not really what it purports to be. Does it surprise you that the government was caught in this rather straightforward way?

I actually would maybe characterize it a little bit differently in that the majority of attacks these days or cyber compromises are getting someone to click on a link via an email or open an attachment. And that’s really attempting to come in through the front door.

This is a little bit different in that it is a supply chain compromise and they’re exploiting trusted relationships between the government in…