Biden Team Weighing Cyberattacks on Russian Infrastructure in Response to SolarWinds Hack: Report

President-elect Joe Biden's team has begun discussing potential responses to the alleged Russian hack of key government agencies and top private American companies, including a possible cyberattack against the rival nation's own infrastructure.

News of the massive hack broke last Sunday, after hackers gained access to SolarWinds' software as far back as March. The hackers managed to install malware in an update of the company's Orion software which was then downloaded by thousands of clients—compromising top federal agencies as well as hundreds of private companies. The Cybersecurity and Infrastructure Security Agency (CISA) under the Department of Homeland Security warned on Thursday that the cyberattack poses a "grave risk" to the U.S. government.

Reuters reported on Sunday, citing anonymous sources, that the Biden team is weighing its options to respond to the Russian hack. These options reportedly include a cyberattack against Russian infrastructure and new financial sanctions against the rival nation. One of the sources told Reuters that the primary goal would be to deter future Russian attacks while simultaneously curbing future cyberattacks from the country.

Hackers
President-elect Joe Biden's team is reportedly weighing cyberattacks on Russian infrastructure in response to the SolarWinds hack. In this photo illustration, a hacker's hands can be seen typing on a laptop. Getty

Biden said in a Thursday statement without calling out Russia as the perpetrator of the hack:

I want to be clear: my administration will make cybersecurity a top priority at every level of government—and we will make dealing with this breach a top priority from the moment we take office. We will elevate cybersecurity as an imperative across the government, further strengthen partnerships with the private sector, and expand our investment in the infrastructure and people we need to defend against malicious cyber attacks.

But a good defense isn't enough; we need to disrupt and deter our adversaries from undertaking significant cyber attacks in the first place. We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.

SolarWinds has said that about 18,000 clients downloaded the Orion update with the malware. Government agencies—including the Department of Homeland Security, the Treasury Department, the Commerce Department, and several others—have reportedly been compromised. CISA warned that there is "evidence" of other hacks unrelated to the SolarWinds software as well.

U.S. lawmakers and cybersecurity experts have pointed to Russia as the primary culprit for the attack, pointing to the level of sophistication and techniques employed. Russia has denied responsibility, which is the typical response from a nation state that has carried out a cyberattack or other espionage activity.

Christopher Krebs, who led CISA until he was fired by Trump last month after his agency dismissed the president's baseless claims of widespread voter fraud, warned that the U.S. should be "cautious" in its response to Russia. "I'd be very careful with escalating this," Krebs told CNN on Sunday, suggesting the U.S. should have "a conversation among like-minded countries" regarding what kind of espionage is acceptable.

Although Secretary of State Mike Pompeo blamed Russia directly, as have many leading Republicans, President Donald Trump attempted to cast doubt on these accusations in a Saturday tweet. The president also downplayed the seriousness of the threat.

"The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control," Trump tweeted on Saturday. "Russia, Russia, Russia is the priority chant when anything happens," the president added, suggesting that China could have been behind the hack. Although the investigation into the cyberattack remains ongoing, the president appears to be isolated in his viewpoint.

"Increasingly clear that Russian intelligence conducted the gravest cyber intrusion in our history," Senator Marco Rubio, a Florida Republican, tweeted on Saturday. "The process of determining its extent & assessing the damage is underway. Remediation will take time & significant resources. Our response must be proportional but significant," he wrote.

Speaking to NBC News' Meet the Press on Sunday, Senator Mitt Romney, a Utah Republican, accused Trump of having a "blind spot" when it comes to Russia.

"The reality here is that the experts, the people who really understand how our systems work and how computers work and software and so forth, the thousands upon thousands at the CIA and the NSA and the Department of Defense, have determined that this came from Russia," Romney said.

Newsweek reached out to the Biden transition team for further comment but did not immediately receive a response.

Updated December 20, 2020 at 11:26 a.m. ET: A comment from former CISA director Christopher Krebs has been added.